<div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">A bit OT but:<br>
Is there any built in XSS protection built in some module in Catalyst?<br>
I was thinking something like auth tokens one can add to the html only<br>
known by the server and the loaded page, to protect private data sent<br>
by JSON. Or isn't that secure enough?<br></blockquote><div><br></div><div>You have an example of what you need to protect against?</div><div><br></div><div>If you are sending a JSON response to the client it's not really "private" -- any more than the html response. Guess, I don't understand your concern.</div>
<div><br></div><div> </div></div>-- <br>Bill Moseley<br><a href="mailto:moseley@hank.org">moseley@hank.org</a><br>