By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,171 Members | 776 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,171 IT Pros & Developers. It's quick & easy.

ANNOUNCE: WSGI XSS Prevention Middleware

P: n/a
Hi,

I've just written a python WSGI middleware class to mitigate
XSS flaws, it's released under the python license. I've
attached the docs below.

Cheers

Rich.

WSGI Middleware class that prevents cross-site scripting flaws
in WSGI applications being exploited. Potentially malicious GET
and POST variables are checked for, and if found, a 403
Forbidden response is sent to the client.

Note that this class can false positive on input such as XML
or passwords containing the '<' character, so it is not useful
in all contexts. In addition, you should note that this
middleware is not a replacement for properly validating
input and quoting output.

This class can be downloaded from:
http://www.westpoint.ltd.uk/dist/wsgisecurity.zip

Author: Richard Moore, ri**@westpoint.ltd.uk
Copyright: (c) 2006 Westpoint Ltd
License: Released under the Python License
Version: 1.0

Nov 24 '06 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.