It's not a secret anymore!*
The moose likes JSF and the fly likes Avoid XSS Scripting in JSF. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSF
Bookmark "Avoid XSS Scripting in JSF." Watch "Avoid XSS Scripting in JSF." New topic
Author

Avoid XSS Scripting in JSF.

Vinoy Paul
Greenhorn

Joined: Jun 16, 2011
Posts: 14
hi ,

I have a out puttext feild like this in my JSP page. I am using framework as JSF.

<h:outputText id="text1"
value="#{History.EndDate}"
escape="false">
</h:outputText>

If the EndDate value is not there i am sending &nbsp; to this variable to avoid the UI distortion(Table border is missing please find the attachment ).
But it leading to a problem of XSS scripting. Even if i send ""(empty space ) the UI distortion is happeneing.

Please help me how i can avoid this issue.

Regards,
Vinoy


[Border_issue.png]

 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Avoid XSS Scripting in JSF.
 
Similar Threads
JSF 1.2 passing parameter to Managed Bean method
Security Remediation in My current application
retrieve a int from backbean and dinamically work with it in the .xhtml in very bizarre way
XSS attack - prevention - AJAX ?
how to avoid Cross site scripting ?