Geeks With Blogs

Tatworth

A list of the top 25 most dangerous software errors has been published at http://www.sans.org/top25-software-errors/

Interestingly, the top error listed was cross-site scripting. So what do you do if you have to accept HTML input?

I suggest that you write a white list filter function that allows through only acceptable mark-up. A basis for such a function can be found in the common filter function at http://commonfilter.codeplex.com/

 

 

Posted on Friday, February 4, 2011 8:00 PM


Comments on this post: TOP 25 Most Dangerous Software Errors for 2010

No comments posted yet.

