资 源 简 介
Web applications face any number of threats; one of them is cross-site scripting and related injection attacks. 90% of all web applications contain cross-site scripting attacks because they are easy to introduce, and the proper tools are not always available to prevent them. There is no good single library that provides all the functions required by developers to incorporate a fix into there code that will stand up to the test of time and continual research in the field. The Reform library attempts to provide a solid set of functions for encoding output for the most common context targets in web applications (e.g. HTML, XML, JavaScript, etc). The library also takes a conservative view of what are allowable characters based on historical vulnerabilities, and current injection techniques.
