https://connect.hyland.com/t5/alfresco-archive/alfresco-default-security/m-p/250218#M203348 <HTML><HEAD></HEAD><BODY><SPAN>Hi everyone, i'm quite new to Alfresco, i'd like to know something about default security implementation. So i'm looking for infos about how Alfresco handle default input validation, cross site scripting or injections. </SPAN><BR /><SPAN>Is there someone who can help me about it?</SPAN><BR /><BR /><SPAN>thanks</SPAN><BR /><BR /><SPAN>psk</SPAN></BODY></HTML> Thu, 20 Jan 2011 19:43:12 GMT psk 2011-01-20T19:43:12Z https://connect.hyland.com/t5/alfresco-archive/alfresco-default-security/m-p/250218#M203348 Hi everyone, i'm quite new to Alfresco, i'd like to know something about default security implementation. So i'm looking for infos about how Alfresco handle default input validation, cross site scripting or injections. Is there someone who can help me about it?thankspsk Thu, 20 Jan 2011 19:43:12 GMT https://connect.hyland.com/t5/alfresco-archive/alfresco-default-security/m-p/250218#M203348 psk 2011-01-20T19:43:12Z https://connect.hyland.com/t5/alfresco-archive/alfresco-default-security/m-p/250219#M203349 <HTML><HEAD></HEAD><BODY><SPAN>What in particular are you concerned with?&nbsp; </SPAN><BR /><BR /><SPAN>XSS atacks are generally prevented by making sure text is always "encoded" correcty.&nbsp;&nbsp;&nbsp; Likewise SQL injection attacks.</SPAN><BR /><BR /><SPAN>And "input validation" is a broad subject but the high level view is that you can define models in alfresco and then user input will be validated against the constraints defined by those models.</SPAN></BODY></HTML> Thu, 20 Jan 2011 20:23:33 GMT https://connect.hyland.com/t5/alfresco-archive/alfresco-default-security/m-p/250219#M203349 mrogers 2011-01-20T20:23:33Z