Portcullis and Thor have been updated

Jun 11, 2009

Just updated a couple of my projects on RIAForge.org. I know several people are using Portcullis, so I figured I'd make a post about it.

Portcullis is a SQL Injection and XSS Filter - http://portcullis.riaforge.org

Thor is a CFC based validation system - http://thor.riaforge.org

Comments

Dave wrote on 12/18/09 12:21 PM

I think I found a bug in the Portcullis filterTags function, in the RegEx.

The filter will not catch:
<InvalidTag >anything...</scrIPT >
(note the spaces)

I've corrected it below. Can you tell me if you see any issues with it?
FROM
<#tag#.*?>.*?</#tag#>|<#tag#.*?/>

TO
<#tag#.*?>.*?</#tag#.*?>|<#tag#.*?/>

John Mason wrote on 01/04/10 12:29 AM

Thanks, good catch. The fix looks good to me and it's set for the next update.
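
The difference between the two patterns quoted in the thread, as an added example that is not part of the original comments and is not Portcullis code. It assumes `#tag#` is replaced with a blocked tag name and matched case-insensitively, and it uses Python's `re` as a stand-in for the CFML regex engine; the helper names, the `[removed]` replacement and the sample strings are constructed for illustration.

```python
import re

# Patterns exactly as quoted in the comment thread; #tag# is the placeholder
# that gets replaced with each blocked tag name.
ORIGINAL = r"<#tag#.*?>.*?</#tag#>|<#tag#.*?/>"
CORRECTED = r"<#tag#.*?>.*?</#tag#.*?>|<#tag#.*?/>"


def build(template, tag):
    """Substitute the tag name. Case-insensitive matching is an assumption."""
    return re.compile(template.replace("#tag#", re.escape(tag)), re.IGNORECASE)


def filter_tag(template, tag, text, replacement="[removed]"):
    """Replace every match of the tag pattern (hypothetical helper)."""
    return build(template, tag).sub(replacement, text)


# Constructed sample inputs; the second one is modelled on the comment's
# example of whitespace before the closing '>'.
SAMPLES = {
    "plain": "x <script>anything</script> y",
    "space_in_close": "x <script >anything...</scrIPT > y",
    "self_closing": "x <script /> y",
}


def compare(tag="script"):
    """Return {name: (original_output, corrected_output)} for each sample."""
    return {
        name: (filter_tag(ORIGINAL, tag, s), filter_tag(CORRECTED, tag, s))
        for name, s in SAMPLES.items()
    }


if __name__ == "__main__":
    for name, (old, new) in compare().items():
        print(f"{name:15} original={old!r} corrected={new!r}")
```

Only the `space_in_close` sample differs: the original pattern requires a literal `</script>` and leaves the input untouched, while the corrected pattern tolerates characters between the tag name and the closing `>`.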
