[WEB SECURITY] Taint propagation for Java

vh at vivekhaldar.com vh at vivekhaldar.com
Wed Dec 21 16:45:57 EST 2005

We have implemented a taint propagation scheme (similar to Perl's, but
with some important differences) for Java that helps prevent command
injection attacks in web applications.

Summary: http://www.vivekhaldar.com/blog/?p=19

I've also compiled a list of ongoing research in web application security,
which some folks may find useful:


It is not downloadable (yet), but comments, questions, feedback are most
welcome. I am especially interested in hearing from web developers ---
would something like this help you?


The Web Security Mailing List

The Web Security Mailing List Archives

More information about the websecurity mailing list