>Hi,
>
>if you want to prevent HTML Cross-Site Scripting (XSS) read this:
>
Great link>
>the database is not the right place for such countermeasures imho.
>
>Regards
>Christian
The question now is - how to deal with after attack problem?
We did implement some measures already but not yet everything that needs to be done. We have another attack today. I'm cleaning the database again, but how exactly should we know what has to be cleaned?
That's the main question now. In other words -dealing with the attack.
If it's not broken, fix it until it is.
My Blog