wood burning stoves 2.0*
The moose likes JSF and the fly likes JSF value passing to jstl is failing. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "JSF value passing to jstl is failing." Watch "JSF value passing to jstl is failing." New topic
Author

JSF value passing to jstl is failing.

Vinoy Paul
Greenhorn

Joined: Jun 16, 2011
Posts: 14
hi ,

I am facing one issue while trying to avoid the XSS scripting issue. I have code like

<h:outputText id="text49"
value="#{History.abc}"
styleClass="outputText"
escape="false">
</h:outputText>

This code is throwing XSS scripting issue. So i am thinking the easy way to get rid of it just by using <c:out inside value attribute.
But its failing in compilation. Is there any other way i can escape from XSS scripting.

Please help me.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15662
    
  15

There's no script there. Why do you think it has a Cross-Site Scripting (XSS) problem?


Customer surveys are for companies who didn't pay proper attention to begin with.
Vinoy Paul
Greenhorn

Joined: Jun 16, 2011
Posts: 14



if there is no proper business value in that variable , i am passing &nbsp; to that variable.

If i didnt pass some UI distortion is happening ,like missing the border of the cell.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JSF value passing to jstl is failing.
 
Similar Threads
Avoid XSS Scripting in JSF.
retrieve a int from backbean and dinamically work with it in the .xhtml in very bizarre way
Sortable DataTable in WebSphere portal
JSF and trying to display a resultset
Security Remediation in My current application