#109 new
Mike Dvorkin

XSS & SQL Sanitation

Reported by Mike Dvorkin | October 4th, 2009 @ 09:45 PM | in Feature Requests

From alexp: I thought it would be nice to get some security basics in place before the project gets any bigger. To make sure that all pages are safe and to stop XSS / injections, it would be nice to make sure that the form values are cleaned and sanitized before entry into the db and on display.

Naturally, so far there isn't much in the way of protection, so we should enforce this server- and client-side: h on all elements for display, stripping javascript from inputted forms, and also preventing sql injection. Not sure if you have some code in place elsewhere, but I would be able to help compile something!
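The two controls the ticket asks for, shown as an added example rather than code from the ticket or from the project: escaping on display (what Rails' h helper does, here via the standard library's ERB::Util so it runs without Rails), a defense-in-depth strip of script elements on input, and a parameterized query in place of string interpolation. The table and column names and the sample value "O'Brien" are constructed for illustration.

```ruby
# Added example, not the project's code. Uses only Ruby's standard library.
require "erb"

# Display side: HTML-escape every value before it goes into a page.
# This is the same escaping the Rails `h` helper performs, and it is the
# control that actually stops stored XSS, whatever was saved in the db.
def escape_for_html(value)
  ERB::Util.html_escape(value.to_s)
end

# Input side (defense in depth only): drop <script> elements from a
# submitted form value. A pattern like this does not catch every vector
# (event-handler attributes, javascript: URLs), so it never replaces
# escaping on display; it just keeps obvious junk out of the database.
def strip_script_tags(value)
  value.to_s.gsub(%r{<script\b[^>]*>.*?</script>}mi, "")
end

# Vulnerable "before": user data is interpolated into the SQL text, so a
# quote in the value changes the statement's structure.
def find_contact_sql_interpolated(first_name)
  "SELECT * FROM contacts WHERE first_name = '#{first_name}'"
end

# Safe shape: the SQL text holds a bind placeholder and the value travels
# separately, which is what ActiveRecord's where("first_name = ?", name)
# hands to the driver. The value can never become part of the statement.
def find_contact_sql_parameterized(first_name)
  ["SELECT * FROM contacts WHERE first_name = ?", [first_name]]
end

# Full round trip for one form field: clean on input, bind on query,
# escape on display. Returns the three artefacts so each can be inspected.
def handle_submitted_name(raw_value)
  stored = strip_script_tags(raw_value)
  sql, binds = find_contact_sql_parameterized(stored)
  { stored: stored, sql: sql, binds: binds, html: escape_for_html(stored) }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: a legitimate name containing an apostrophe.
  result = handle_submitted_name("O'Brien")
  puts "interpolated (broken quoting): #{find_contact_sql_interpolated("O'Brien")}"
  puts "parameterized sql: #{result[:sql]}  binds: #{result[:binds].inspect}"
  puts "rendered: #{result[:html]}"
end
```

The apostrophe case makes the point without any attack input: with interpolation the statement ends up with an odd number of quotes and fails (or worse), while the parameterized form keeps the name as data. The same separation is what makes hostile input harmless.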


Ruby on Rails CRM platform for Web 2.0 and beyond
