I'm trying to create a library to help with XSS (escaping input) in ring based projects.
I've looked at some solutions so far and I haven't seen anything where you set it and forget it, or don't have to worry about it at all. Most solutions require manually escaping. I want to create something like rails where escaping is done for you. I feel like doing it manually can lead to problems that I would rather avoid. The approach I have so far, is just a function that allows you to escape through a map using whatever function you want to escape with. Each value can have a specific escaping function (aside from default). This approach can be used in situations where you would apply it when you call session map, right before you start using it's values. I could just keep it like this, but I want it to work through middleware if possible. *My question is, using middleware is there a way that I can call functions only when the data is being output?* Basically, I don't want to affect the values before they are stored in whatever session store. Are there any better XSS (escaping) options available, or does anyone have any suggestions for this library? Thanks. -- -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en --- You received this message because you are subscribed to the Google Groups "Clojure" group. To unsubscribe from this group and stop receiving emails from it, send an email to clojure+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
