RE: [users@httpd] Cross-site scripting over ssl

Thanks. Regards, SaeedAhmed Subedar, BSLI 91-022-39961356 -Original Message- From: Mark Montague [mailto:m...@catseye.org] Sent: Thursday, December 15, 2011 8:11 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Cross-site scripting over ssl On December 15, 2011 6:31

[users@httpd] Cross-site scripting over ssl

I have a web application on Apache Http Server over SSL. Isn't application level cross-site scripting taken care of since requests and responses are encrypted in SSL? Regards, SaeedAhmed Subedar, BSLI The information contained in this electronic communication is intended solely fo

RE: [users@httpd] Cross-site scripting implementation

Thanks. Regards, SaeedAhmed Subedar, BSLI -Original Message- From: Eric Covener [mailto:cove...@gmail.com] Sent: Thursday, December 15, 2011 12:17 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Cross-site scripting implementation On Thu, Dec 15, 2011 at 2:17 PM, Saeedahmed

[users@httpd] Cross-site scripting implementation

Inspite of the http server being cross-site scripting(xss) safe for most cases, need confirmation if xss filtering/prevention measures still need to be implemented on the application end.. Regards, SaeedAhmed Subedar, BSLI The information contained in this electronic communication is