Monday, October 17, 2011

XSS Summary

For Stripes: -

1. Stripes will HTML escape all input tag values. This behavior bypasses the PopulationStrategy.
2. LocalizableError *fieldValue* will be escaped.
3. SimpleError will *not* be escaped.
4. SimpleMessage and LocalizableMessage will *not* be escaped.

For JSTL: -

1. <c:out> will escape by default
2. ${..} will *not* escape
3. ${fn:escapeXml(...)} will call the escapeXml function to escape the content.

Therefore: -

1. Always use <c:out> to render output; don't use ${}
2. If you must use ${somevalue}, use ${fn:escapeXml(somevalue)}
3. Every arg that carries a user-input String value and is passed to MessageDisplay or ValidationErrors must be wrapped as SafeHtmlUtil.HTMLEntityEncode(arg[n]).
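As an added example (not code from this post, from Stripes or from JSTL), here is a Java encoder that applies the same five-character escaping fn:escapeXml does, used the way rule 3 prescribes before an argument reaches SimpleError or SimpleMessage. SafeHtmlUtil is the post's own helper, so the class, method and template names below are my own assumptions.

```java
import java.util.Arrays;
import java.util.List;

// Added example: HTML entity encoding for message arguments.
// Mirrors fn:escapeXml: < > & " ' become &lt; &gt; &amp; &#034; &#039;
public final class MessageArgEncoder {

    /** Encode one argument; null becomes the empty string. */
    public static String htmlEntityEncode(String s) {
        if (s == null) return "";
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '&':  sb.append("&amp;");  break;
                case '"':  sb.append("&#034;"); break;
                case '\'': sb.append("&#039;"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /** Encode every arg that came from user input (rule 3 above). */
    public static String[] encodeAll(String... args) {
        return Arrays.stream(args)
                     .map(MessageArgEncoder::htmlEntityEncode)
                     .toArray(String[]::new);
    }

    /** Stand-in for the unescaped SimpleError / SimpleMessage path:
     *  the template is rendered verbatim, so only encoded args are safe. */
    public static String render(String template, String... args) {
        String out = template;
        for (int i = 0; i < args.length; i++) {
            out = out.replace("{" + i + "}", args[i]);
        }
        return out;
    }

    public static void main(String[] a) {
        // Constructed sample input containing all five escaped characters.
        String user = "<b>o'neil</b> & \"co\"";
        String tpl = "No account for {0}";
        System.out.println(render(tpl, user));             // unescaped: markup survives
        System.out.println(render(tpl, encodeAll(user)));  // encoded: rendered as text
    }
}
```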



XSS Prevention

https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet

Sunday, October 09, 2011

Centos install java + mysql + tomcat6

yum install java
yum list mysql
yum --enablerepo=remi,remi-test install mysql mysql-server
service mysqld start
/etc/init.d/mysqld start
mysql -u root -p
mysql
mysqladmin
mysqladmin -u root password cyber123
mysql
mysql -u root -p
yum install tomcat6 tomcat6-webapps tomcat6-admin-webapps
yum install yum-priorities
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
cd /etc/yum.repos.d/
wget http://jpackage.org/jpackage50.repo
yum install tomcat6 tomcat6-webapps tomcat6-admin-webapps
service tomcat6 start

Setting Up A Static IP Address Using The Command Line

Log on as root, change directory to /etc/sysconfig/networking/devices and list all available devices.

# cd /etc/sysconfig/networking/devices
# ls

Find the configuration file corresponding to the NIC for which you want to set a static IP and edit it.

# vi ifcfg-eth0

I prefer using “joe” as a text editor rather than “vi”. You can install “joe” by issuing “yum install joe”. To invoke joe’s help menu, type “CTRL+K, H” from within the application.

Now set the parameters below according to your settings (those in bold characters only):

DEVICE=eth0
BOOTPROTO=none
HWADDR=00:0C:29:DE:94:8B
ONBOOT=yes
TYPE=Ethernet
USERCTL=no
IPV6INIT=no
PEERDNS=yes
NETMASK=255.255.255.0
IPADDR=192.168.0.100
GATEWAY=192.168.0.1

Save the configuration file and exit the text editor.

To set the nameservers, change directory to /etc and edit resolv.conf.

# cd /etc
# vi resolv.conf

The file format should be like this:

search your-dns-search-path
nameserver dns1-ip-address
nameserver dns2-ip-address
nameserver dns3-ip-address

Now save the configuration file and exit the text editor. To apply changes, we need to bring the network interface down and back up.

# ifdown eth0
# ifup eth0

If you are doing this remotely, reboot the server instead, since you would be disconnected from it as soon as you issue the “ifdown” command.