htmLawed is a PHP script that makes input text more secure, HTML standards-compliant, and suitable in general from the viewpoint of a Web-page administrator, for use in the body of HTML 4 or XHTML 1 or 1.1 documents. It is a customizable HTML/XHTML filter, processor, purifier, and sanitizer. It can ensure that HTML tags are balanced and properly nested tags, neutralize code that may be used for cross-site scripting (XSS) attacks, and limit the allowed HTML elements, tags, attributes, or URL protocols.
AuthenticRoast allows you to build highly flexible authentication mechanisms for the Java Web tier. This can be anything from HTTP Basic authentication to authenticating with openid, facebook, or your company's Kerberos setup. The authentication modules can be combined at will and even changed at runtime. This currently works for glassfish and plain Tomcat, and allows you to use all the features of container-managed security without being constrained to the simple login methods provided.