We use a text-based CRM system. We custom built this system and it works fine for internal use. However, we are now going to be going live on the internet. The problem we have now is that the web developers are telling us that our data files contain all kinds of non-web-safe characters and symbols. I am working on writing a Perl script to parse through the data and correct the problem. My problem is that I don't know what to look for. I can write the script, but what should I be looking for, and what should I change them to? Any suggestions, ideas and help will be greatly appreciated.
You might want to consult the OWASP Cheat Sheet on Cross Site Scripting Prevention. It boils down to:
- Being aware of the locations where you should not put untrusted data at all
- Being aware of the different ways in which data should be escaped in the different kinds of locations where you can put untrusted data
- Using whitelisting (escaping everything except specified safe characters) instead of blacklisting (only escaping specified unsafe characters)
(Read the entire document, though, rather than relying on this summary...)
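As an added illustration of the allowlist, per-location encoding the answer describes (example code, not from the original post or the OWASP document): the `encode_html` and `encode_js` names, and the pipe-delimited record layout of the constructed sample, are assumptions. Because each output location needs a different encoding, the encoder is applied when a field is written into a page, not by rewriting the data file once.

```perl
#!/usr/bin/perl
# Added example: context-specific, allowlist-based output encoders in Perl.
# Everything except [A-Za-z0-9] is encoded, so characters you did not think
# to enumerate are neutralised instead of slipping through a blacklist.
use strict;
use warnings;

# HTML body and quoted-attribute context: every non-alphanumeric character
# becomes a numeric entity (&#xHH;). Attribute values are assumed to be quoted.
sub encode_html {
    my ($s) = @_;
    $s =~ s/([^A-Za-z0-9])/sprintf('&#x%X;', ord($1))/ge;
    return $s;
}

# JavaScript string-literal context: \xHH for code points below 256,
# \uHHHH above. Encoding '<' and '/' also prevents "</script>" inside the
# data from closing the enclosing script block.
sub encode_js {
    my ($s) = @_;
    $s =~ s/([^A-Za-z0-9])/ord($1) < 256 ? sprintf('\\x%02X', ord($1)) : sprintf('\\u%04X', ord($1))/ge;
    return $s;
}

# Constructed sample record (assumed pipe-delimited CRM layout, not real data).
my $record = q{Smith & Sons|"Quoted" <b>name</b>|note: <script>alert(1)</script>};
my ($company, $contact, $note) = split /\|/, $record;

# Same record, three different locations, three different encodings.
printf "<td>%s</td>\n", encode_html($company);
printf "<input value=\"%s\">\n", encode_html($contact);
printf "<script>var note = '%s';</script>\n", encode_js($note);
```

Fields that must land somewhere the cheat sheet lists as unsafe for untrusted data (for example inside an unquoted attribute or a raw `<script>` body) should be rejected or moved, since no encoder in this block makes those locations safe.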