structs1.x避免XSS攻击的方法

<form-validation>

    <global>
        <constant>
            <constant-name>FIELD_INPUT_MASK</constant-name>
        <constant-value><![CDATA[^[^%;")(+\\=&><#*']*$]]></constant-value>
        </constant>
    </global>

。。。

    <formset>
        <form name="/editAccount">
            <field depends="maxlength,mask" property="firstName">
                <arg position="0" key="accountProfile.content.firstName" />
               <msg name="mask" key="errors.fieldMask" />
                <arg position="0" name="maxlength" key="${var:maxlength}" resource="false" />
                <var>
                    <var-name>maxlength</var-name>
                    <var-value>${NAME_FIELD_MAX_LENGTH}</var-value>
                </var>
                <var>
                    <var-name>mask</var-name>
                    <var-value>${FIELD_INPUT_MASK}</var-value>
                </var>
            </field>

。。。
        </form>
    </formset>
</form-validation>

posted @ 2010-04-08 16:31  Fan Zhang  阅读(386)  评论(0)    收藏  举报