Erlang Mailing Lists
Author Message

<  Erlyweb mailing list  ~  ErlyWeb XSS attacks sanitize html
Guest
Posted: Sat Sep 29, 2007 1:20 pm Reply with quote
Guest
does erlyweb sanitize html for inputs?

joe


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "erlyweb" group.
To post to this group, send email to erlyweb@googlegroups.com
To unsubscribe from this group, send email to erlyweb-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/erlyweb?hl=en
-~----------~----~----~----~------~----~------~--~---

Post recived from mailinglist
Back to top
ketralnis
Posted: Sat Sep 29, 2007 4:12 pm Reply with quote
User Joined: 20 Jul 2007 Posts: 151 Location: San Francisco, CA
> does erlyweb sanitize html for inputs?

No.

You might want to look at my article that shows how to use a Perl
program from Erlang, and find one of the many Perl XSS libraries.

http://www.ketralnis.com/roller/dking/entry/20070903

On a side-note, that might also help you with the image-resizing that
you asked about in another thread

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "erlyweb" group.
To post to this group, send email to erlyweb@googlegroups.com
To unsubscribe from this group, send email to erlyweb-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/erlyweb?hl=en
-~----------~----~----~----~------~----~------~--~---

Post recived from mailinglist
Back to top View user's profile Send private message AIM Address
Guest
Posted: Sat Sep 29, 2007 10:03 pm Reply with quote
Guest
You can use yaws_api:htmlize(). It won't preserve any tags, though.

Yariv

On 9/29/07, David King <dking@ketralnis.com> wrote:
>
> > does erlyweb sanitize html for inputs?
>
> No.
>
> You might want to look at my article that shows how to use a Perl
> program from Erlang, and find one of the many Perl XSS libraries.
>
> http://www.ketralnis.com/roller/dking/entry/20070903
>
> On a side-note, that might also help you with the image-resizing that
> you asked about in another thread
>
> >
>

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "erlyweb" group.
To post to this group, send email to erlyweb@googlegroups.com
To unsubscribe from this group, send email to erlyweb-unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/erlyweb?hl=en
-~----------~----~----~----~------~----~------~--~---

Post recived from mailinglist
Back to top

Display posts from previous:  

All times are GMT
View next topic
View previous topic
Page 1 of 1
Erlang Forum - Trap Exit Forum Index  ~  Erlyweb mailing list
This forum is locked: you cannot post, reply to, or edit topics.

Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum
Hosted by Erlang Solutions    |    Powered by phpBB and NoseBleed v1.14