470,596 Members | 1,200 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,596 developers. It's quick & easy.

ANNOUNCE: WSGI XSS Prevention Middleware


I've just written a python WSGI middleware class to mitigate
XSS flaws, it's released under the python license. I've
attached the docs below.



WSGI Middleware class that prevents cross-site scripting flaws
in WSGI applications being exploited. Potentially malicious GET
and POST variables are checked for, and if found, a 403
Forbidden response is sent to the client.

Note that this class can false positive on input such as XML
or passwords containing the '<' character, so it is not useful
in all contexts. In addition, you should note that this
middleware is not a replacement for properly validating
input and quoting output.

This class can be downloaded from:

Author: Richard Moore, ri**@westpoint.ltd.uk
Copyright: (c) 2006 Westpoint Ltd
License: Released under the Python License
Version: 1.0

Nov 24 '06 #1
0 1095

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Thomas W | last post: by
2 posts views Thread by Ben Finney | last post: by
1 post views Thread by seberino | last post: by
11 posts views Thread by Gregory PiŮero | last post: by
2 posts views Thread by Adam Atlas | last post: by
8 posts views Thread by Ron Garret | last post: by
3 posts views Thread by tuom.larsen | last post: by
37 posts views Thread by Michele Simionato | last post: by
reply views Thread by Matthew Wilson | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.