Does someone run the valve BadInputFilterValve with Tomcat 5.5? This valve
immunes against all XSS, HTML injection, and command injection exploits. It
has been written by Jason Brittain using Tomcat 4
(http://examples.oreilly.com/tomcat/tomcatbook-examples-1.0.zip).
I made it compile and install but without the desired final filtering result.
The ValveContext class (used in the invoke method) doesn't exist anymore in 5.5
and I am not sure if I pass correctly the request down the chain of Valves...
Any help would be appreciated.
Thanks,
Matrix
---------------------------------
Lèche-vitrine ou lèche-écran ? Yahoo! Magasinage.
