[cas-dev] renew and service parameter validation
cas sso
skcas at hotmail.com
Thu May 31 13:39:12 EDT 2007
Hi,
I am new to CAS.
My company's security guys informed that for CAS, I must validate the request object's "renew" and "service" parameters. This is to prevent cross-site scripting.
Can someone please guide how to do this. I am suspecting it will involve code change in CAS.
Thanks
Sam
Add some color. Personalize your inbox with your favorite colors. Try it!
_________________________________________________________________
Change is good. See what’s different about Windows Live Hotmail.
www.windowslive-hotmail.com/learnmore/default.html?locale=en-us&ocid=TXT_TAGLM_HMWL_reten_changegood_0507
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas-dev/attachments/20070531/e0c9ec61/attachment.html
More information about the cas-dev
mailing list