Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Escape HTML in Jetty

On 05/03/2018 21:01, Alexander Farber wrote:
Good evening,

what would be a method in Jetty to escape HTML characters in a String?

OWASP has an easy-to-use Encoder class:
https://www.owasp.org/index.php/OWASP_Java_Encoder_Project

The OWASP XSS prevention cheat sheet is also worth a read:
https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet

--
John English


Back to the top