News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Evert Pot's Blog:
Preventing XSS in Javascript strings
August 01, 2008 @ 12:04:47

Evert Pot has pointed out a handy tool that can make escaping strings in and out of your application simpler - Reform.

Reform is a tool that does exactly this. Reform allows you to escape your data for a javascript, xml, html or vbscript (yes it still exists) context. It provides libraries for Java, .NET, PHP, Perl, Python, Javascript and ASP. Pretty cool!

The utility is simply included into the application an called via the static methods it adds. His example shows the escaping of some output text in a Javascript string to correctly prevent it from falling into an evil XSS scheme.

0 comments voice your opinion now!
xss javascript string reform owasp static method


blog comments powered by Disqus

Similar Posts

Ed Eliot's Blog: Automatic merging and versioning of CSS/JS files with PHP

Cormac's Blog: Lazy loading of object variables in php using __get()

PHPBuilder.com: Using XML - A PHP Developer\'s Primer, Part 4 (Subpart 2)

Kae Verens' Blog: efficient JS minification using PHP

Symfony Blog: Security must be taken seriously


Community Events





Don't see your event here?
Let us know!


introduction threedevsandamaybe api symfony2 code refactor community language laravel framework developer interview install series release unittest testing opinion list podcast

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework