gular Expressions for Internationalized
Validation
That's an interesting approach you guys are proposing.
I did a quick proof of concept where I coded an Interceptor that uses
the
Apache Commons StringEscapeUtils.escapeHtml function to update all
incoming
parameter values. This seems to impl
ord what he also said about SQL injection:
> Just use PreparedStatements with '?' placeholders (or Hibernate, or some
> other library which will protect you from SQL injection attacks).
>
> [1]
> http://www.nabble.com/Using-POSIX-Regular-Expressions-for-Internationalized-Valida
gested [1].
To reword what he also said about SQL injection:
Just use PreparedStatements with '?' placeholders (or Hibernate, or some other
library which will protect you from SQL injection attacks).
[1]
http://www.nabble.com/Using-POSIX-Regular-Expressions-for-Internationalized-Validat
RegexFieldValidator
> Override validate method, do what ever you want there. This should work.
>
>
--
View this message in context:
http://www.nabble.com/Using-POSIX-Regular-Expressions-for-Internationalized-Validation-tp1
ant.com
PEOPLE :: PASSION :: EXCELLENCE
-Original Message-
From: egetchell [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 07, 2008 8:02 PM
To: user@struts.apache.org
Subject: Re: Using POSIX Regular Expressions for Internationalized
Validation
Greg,
Thanks for the reply.
The comm
l treat as anything other than text (i.e. it will never try to
> interpret such data as markup) and therefore you wont be vulnerable.
>
> L.
>
>
--
View this message in context:
http://www.nabble.com/Using-POSIX-Regular-Expressions-for-Internationalized-Validation-tp19844314
The validation strategy you cite is well and good when the you *have* 'a
set of tightly constrained known good values.' It's not useful in the
general case.
Your concerns with respect to XSS should only present a problem if you
need to render untrusted HTML (such as is often the case with web-
x.php/Data_Validation#Data_Validation_Strategies
>
> Their document, as a whole, is a very intereseting read.
>
>
> Greg Lindholm wrote:
>>
>> Sorry, I've never heard of whitelisting of allowable characters as being
>> a "normal" approach.
>>
gt; "normal" approach.
>
--
View this message in context:
http://www.nabble.com/Using-POSIX-Regular-Expressions-for-Internationalized-Validation-tp19844314p19859522.html
Sent from the Struts - User mailing list archive at Nabble.com.
---
> Thanks!
>
> Eric Getchell | Sr. Technologist
>
> Distributed Logic Corporation
> 600 Unicorn Park
> Woburn, MA 01801
> Email: [EMAIL PROTECTED]
>
>
--
View this message in context:
http://www.nabble.com/Using-POSIX
600 Unicorn Park
Woburn, MA 01801
Email: [EMAIL PROTECTED]
--
View this message in context:
http://www.nabble.com/Using-POSIX-Regular-Expressions-for-Internationalized-Validation-tp19844314p19844314.html
Sent from the Struts - User mailing list archive at Nabble.
Vinit Sharma wrote:
Hi,
I've an Internationalized application and my requirement is to support
validation based on the locale selected. For eg, I've a user input form,
which is displayed in some particular locale. Suppose use enters the data in
its own locale format (1,234,567 or 1,234.567). Whe
Hi,
I've an Internationalized application and my requirement is to support
validation based on the locale selected. For eg, I've a user input form,
which is displayed in some particular locale. Suppose use enters the data in
its own locale format (1,234,567 or 1,234.567). When this is submitted, t
13 matches
Mail list logo
