...
Code Block | ||
---|---|---|
| ||
String s = "\uFE64" + "script" + "\uFE65"; // normalizeNormalize s = Normalizer.normalize(s, Form.NFKC); //validate Validate Pattern pattern = Pattern.compile("[<>]"); Matcher matcher = pattern.matcher(s); if (matcher.find()) { // Found black listed tag throw new IllegalStateException(); } else { // ... } |
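Review bot: The validation step after `Normalizer.normalize(s, Form.NFKC)` is a deny-list of only `<` and `>`, so it catches the folded `\uFE64`/`\uFE65` pair in this example but nothing else. If the value is later written into an HTML attribute or script context, rejecting angle brackets alone is not enough, so an allow-list of the characters the field needs, plus output encoding where the value is used, is the sturdier check. The comment `// Found black listed tag` would be more accurate as `// Found a disallowed character (< or >) after NFKC normalization`, because the pattern matches single characters, not tags. `IllegalStateException` signals bad object state rather than bad input, so `throw new IllegalArgumentException("input contains < or >");` would tell callers more. The enclosing method is not shown on this page, so where `s` comes from and where it is used are assumptions.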
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="26dc96bcabf38a71-a0c98ca1-4b2a4d27-9ed6934b-c942a4af1af4033a22af07b0"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | "Cross-site Scripting [XYT]" | ]]></ac:plain-text-body></ac:structured-macro> |
CWE-289, "Authentication Bypass by Alternate Name" | ||||
| CWE-180, "Incorrect Behavior Order: Validate Before Canonicalize" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="5fba62580cd4aed2-244e8a78-48a04289-9c9c839e-360a01efa59d3908fa9b6ec9"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b72c4d595e2fa596-9adf43eb-4b334ed7-840faaf5-5388074d6ada4dc462b7ac1c"><ac:plain-text-body><![CDATA[ | [[Davis 2008 | AA. Bibliography#Davis 08]] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7b9b8352f6903992-bbaa6de0-466847b5-807cb100-e62a62c6e57637021a40ace0"><ac:plain-text-body><![CDATA[ | [[Weber 2009 | AA. Bibliography#Weber 09]] | ]]></ac:plain-text-body></ac:structured-macro> |
...