AW: Escaping or filtering for showText

You can pass whatever you want. Everything is escaped by us. Tilman -- Original-Nachricht -- Von: r.barc...@habmalnefrage.de.invalid Betreff: Escaping or filtering for showText Datum: 16.11.2024, 19:11 Uhr An: users@pdfbox.apache.org Hi, Of course we have to watch out when user generated input

Escaping or filtering for showText

Hi, Of course we have to watch out when user generated input - is included in an HTML/XML document (escape <, >, ...) or - if someone would manually concat SQL queries (don't do that) to avoid XSS attacks and SQL injections. What filtering or escaping do we have to consider for contentStream.sho