webtier@glassfish.java.net

block code injection in JSF 2.0

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: <webtier_at_javadesktop.org>
Date: Mon, 02 Aug 2010 00:13:55 PDT

Hi all,

I would like to know, if it's necessary that I create in JSF 2.0 a validator for text input fields, for example, to check for code injections like JavaScript or the like?
Or does JSF 2.0 check this for default?

I found nothing on that, please help, to secure JSF 2.0 applications!

Thx a lot!
[Message sent by forum member 'andy85']

http://forums.java.net/jive/thread.jspa?messageID=478981

This message: [ Message body ]
Next message: Lincoln Baxter, III: "Re: [webtier] Allow for pulling view params from the path instead of the query string?"
Previous message: Koper, Dies (FAST): "Number of Keep-Alive threads in GFv2.1.1 and GFv3.x"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]