[Catalyst] Picking template type based on input

Bill Moseley moseley at hank.org
Fri Mar 26 21:36:05 GMT 2010

> A bit OT but:
> Is there any built in XSS protection built in some module in Catalyst?
> I was thinking something like auth tokens one can add to the html only
> known by the server and the loaded page, to protect private data sent
> by JSON. Or isn't that secure enough?

You have an example of what you need to protect against?

If you are sending a JSON response to the client it's not really "private"
-- any more than the html response.   Guess, I don't understand your

-- =

Bill Moseley
moseley at hank.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20100326/f1b86=

More information about the Catalyst mailing list