Hi Aaron,
I did a very quick search and could not find the article you mention,
can you send a link to it?
I must admit to being ignorant on the subject, but i suspect it is
something that the 311 EG should chew over, so i will forward to that list.
Thanks,
Paul.
Aaron Anderson wrote:
> Perhaps this is more appropriate for the JSR311 mailing list so forgive
> me for posting this here.
>
> I was reading a new IBM article on injection attacks today and it got me
> to thinking about how I will perform validation on my JSR311
> application. I looked at the spec and didn't see parameter validation as
> a goal or non goal. I was curious on what are peoples opinions on this?
> Should parameter validation be application specific, handled as an
> extended feature of the JSR311 implementation, or be incorporated into
> the JSR311 spec like validation is in the JSF spec?
>
> ------------------------------------------------------------------------
> Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user
> panel
> <http://us.rd.yahoo.com/evt=48516/*http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7
> > and lay it on us.
--
| ? + ? = To question
----------------\
Paul Sandoz
x38109
+33-4-76188109