Prevention of XSS attack

37 views
Skip to first unread message

patil.g...@gmail.com

unread,
Feb 5, 2020, 10:49:21 AM2/5/20
to ektorp-discuss
HI
I am looking for solution to encode all inputs which contains HTML/Js tags before save into Couch db. Is there any option is EKTORP to apply that filter?

Steve Torres

unread,
Feb 5, 2020, 3:37:10 PM2/5/20
to ektorp-discuss
You can Base64encode your string before saving to couch and decode it after reading

Base64.encodeBase64String(html.getBytes());

Where html variable is the string to encode.

patil.g...@gmail.com

unread,
Feb 6, 2020, 12:36:40 AM2/6/20
to ektorp-discuss
Thank you for your reply.
Isn't there a single point where I can apply above encoding before saving into DB? 
Do I need to apply above encoding for each and every field which I am persisting into Couch?
Reply all
Reply to author
Forward
0 new messages