...
| Code Block | ||
|---|---|---|
| ||
String tainted = "%3C%73%63%72%69%70%74%3E"; // Hex encoded equivalent form of <script>
Pattern pattern = Pattern.compile("[\\W&&[IDS01-J. Sanitize data passed across a trust boundary^^\\s\\.]]");
if (pattern.matcher(tainted).find()) {
throw new ValidationException( "Invalid Input");
}
URI uri = new URI("http://vulnerable.com/" + tainted);
|
...