Stefan Hendriks' blog

sharing my passion about software and game development

Category: Cross-site Scripting

Prevent cross-site scripting when using JSON objects using ESAPI and Jackson framework 1.7.x

Recently I have had the opportunity to fix a cross-site scripting problem. The problem: a lot of JSON objects are being sent over the wire and the data is not being HTML-escaped. This means that anyone who would put HTML data IN would get it out and make any user vulnerable to XSS attacks. In […]

Want to hire/contact me?

I'm a software developer, owner of Fundynamic.

I work in several languages (Java, C#, JavaScript, Ruby, etc.). And if I don't know the language, I am a very quick learner.

I give workshops and I'm always willing to listen to your business ideas and help you out technically.
