[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] apache-cross-site-scripting

Subject: Re: [cobalt-users] apache-cross-site-scripting
From: Joe Kerns <joe@xxxxxxxxxxxxx>
Date: Thu Apr 6 12:14:05 2000

> http://www.apache.org/info/css-security/
> http://www.cert.org/advisories/CA-2000-02.html
> Has anyone looked into these issues, and if so what are the solutions availbale
> for RaQ users?

This has little to do with RAQs specifically, it is more related to the software you are running on whatever server it is you have.  If you are using PHP there is a string operator function for removing all HTML and PHP tags automatically
from posts. Additionally you could use regex functions to remove <script> tags etc.
I am not familiar with CGI, ASP, etc, but I would imagine they have the same functionality.

I believe this is a coding/programming issue rather than server related. Definitely something to be concerned with, tho.

Joe

Prev by Date: RE: [cobalt-users] Cobalt wishlist
Next by Date: Re: [cobalt-users] Re: [Qube2] Samba ...
Previous by thread: [cobalt-users] how to secure your admin funcions using SSH
Next by thread: Re: [cobalt-users] apache-cross-site-scripting

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index