Robert
Reputation: 1241
Protecting Spring MVC against XSS
I want to protect my app against XSS. Is there any out of the box feature I can use? An external library to secure requests on the whole application? Or a Tomcat filter/valve?
Thanks!
Upvotes: 1
Views: 359
Answers (1)
PopularIsn'tRight
Reputation: 111
Options you can use:
- Java Encoder Project (just does encoding)
- HDIV (Does a couple of security things, however it doesn't do them all as well as it should).
- ESAPI (Does a lot of stuff, including encoding) - sorry, I can't post a second link, but you can google it. :-)
If all you want is encoding, I would go for option 1. It'll be the quickest and easiest.
Upvotes: 1
Related Questions
- How do I prevent people from doing XSS in Spring MVC?
- XSS prevention in JSP/Servlet web application
- How to prevent from Cross Site Scripting (XSS) attack in Spring Boot application?
- Preventing XSS attacks on Spring applications
- How to block or protect against XSS for Spring MVC 4 applications without SpringBoot
- How to use spring security to prevent xss and xframe attack
- Prevent XSS in Spring MVC controller
- Spring MVC : How to Protect Application from CSRF and XSS
- How to prevent XSS attacks with SpringMVC + Jackson Application?
- Prevent XSS in Spring MVC