I am looking to add a some strict cross-scripting rules to my application which

Question

0

Asked: June 9, 20262026-06-09T01:15:24+00:00 2026-06-09T01:15:24+00:00

I am looking to add a some strict cross-scripting rules to my application which

0

I am looking to add a some strict cross-scripting rules to my application which is based on Spring. I added the recommended html ‘defaultHtmlEscape’ to true and used the tag, but there are still some things we would like to prevent. I decided to use the java html sanitizer from https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project . This will require me to call the sanitizing function every where a parameter is read, which is changes in a lot of places. Is there a central place I can do this? Perhaps, a class through which all the parameters are parsed? I saw that the NamedParameterUtils is used internally in Spring to parse the parameters. Is there a way to extend it?

Is there any other way of doing this in Spring framework?

Any pointers are greatly appreciated.

thanks,

Asha

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-09T01:15:27+00:00

Editorial Team

2026-06-09T01:15:27+00:00Added an answer on June 9, 2026 at 1:15 am

Hate to answer my own question. You can add a filter class in Spring and have the parameters pass through them. More information is at: http://jeevanpatil.wordpress.com/2011/07/22/prevention_of_xss/ in the ‘Filter Approach’ section.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am looking to add a some strict cross-scripting rules to my application which

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply