Input validation should be applied at both the syntactic and semantic levels. Syntactic validation should enforce correct syntax of structured fields (e.g.
This does not mean that other users cannot access this mailbox, for example when the user makes use of a service that generates a throwaway email address.
As the local part of an email address is, in fact, case sensitive, it is important to store and compare email addresses correctly.
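
One way to store and compare addresses so that the case-sensitive local part survives, as an added example that is not part of the original page. The names `Email`, `parse_email` and `same_address`, the sample addresses, and the policy of accepting only a dotted ASCII domain are assumptions of this example.

```python
import re
from dataclasses import dataclass

MAX_LOCAL_OCTETS = 64   # RFC 5321 limit for the local part
MAX_TOTAL_OCTETS = 254  # longest address that fits an RFC 5321 path
# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")


@dataclass(frozen=True)
class Email:  # hypothetical storage type for this example
    local: str   # kept exactly as supplied; only the receiving host knows its case rules
    domain: str  # DNS names are case-insensitive, so stored lower-cased

    def __str__(self):
        return f"{self.local}@{self.domain}"


def parse_email(raw):
    """Syntactic check plus canonical form for storage; raises ValueError."""
    if not isinstance(raw, str) or any(ord(c) < 0x20 or ord(c) == 0x7F for c in raw):
        raise ValueError("not a string, or contains control characters")
    if len(raw.encode("utf-8")) > MAX_TOTAL_OCTETS:
        raise ValueError("address too long")
    # Split on the last '@': a quoted local part may itself contain '@'.
    local, sep, domain = raw.rpartition("@")
    if not sep or not local or len(local.encode("utf-8")) > MAX_LOCAL_OCTETS:
        raise ValueError("missing or oversized local part")
    domain = domain.lower()
    labels = domain.split(".")
    # Assumed policy: at least two ASCII labels (no bare host names, no raw IDN).
    if len(labels) < 2 or not all(LABEL.fullmatch(label) for label in labels):
        raise ValueError("domain is not a dotted ASCII host name")
    return Email(local, domain)


def same_address(a, b):
    """Compare two inputs as stored: domain case-folded, local part exact."""
    return parse_email(a) == parse_email(b)


# Constructed sample inputs.
if __name__ == "__main__":
    print(parse_email("Alice.Smith@Example.COM"))                  # Alice.Smith@example.com
    print(same_address("alice@example.com", "alice@EXAMPLE.com"))  # True
    print(same_address("alice@example.com", "Alice@example.com"))  # False
```

Lower-casing the whole string before storage would make the last two addresses collide, so an account lookup or uniqueness check built on it could match the wrong mailbox.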
$");
public void doPost(HttpServletRequest request, HttpServletResponse response)

Be aware that any JavaScript input validation performed on the client can be bypassed by an attacker that disables JavaScript or uses a Web Proxy.
Ensure that any input validation performed on the client is also performed on the server.
Detailed information on XSS prevention is available in the OWASP XSS Prevention Cheat Sheet.

Many websites allow users to upload files, such as a profile picture or more.

Many web applications do not treat email addresses correctly due to common misconceptions about what constitutes a valid address.