aspose file tools
The moose likes JSF and the fly likes JSF value passing to jstl is failing. Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Java » JSF
Reply Bookmark "JSF value passing to jstl is failing." Watch "JSF value passing to jstl is failing." New topic
Author

JSF value passing to jstl is failing.

Vinoy Paul
Greenhorn

Joined: Jun 16, 2011
Posts: 14
posted private message
0
Quote
hi ,

I am facing one issue while trying to avoid the XSS scripting issue. I have code like

<h:outputText id="text49"
value="#{History.abc}"
styleClass="outputText"
escape="false">
</h:outputText>

This code is throwing XSS scripting issue. So i am thinking the easy way to get rid of it just by using <c:out inside value attribute.
But its failing in compilation. Is there any other way i can escape from XSS scripting.

Please help me.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 14460
    
    7

I like...
Android Eclipse IDE Linux
posted private message
0
Quote
There's no script there. Why do you think it has a Cross-Site Scripting (XSS) problem?

Customer surveys are for companies who didn't pay proper attention to begin with.
Vinoy Paul
Greenhorn

Joined: Jun 16, 2011
Posts: 14
posted private message
0
Quote



if there is no proper business value in that variable , i am passing &nbsp; to that variable.

If i didnt pass some UI distortion is happening ,like missing the border of the cell.
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: JSF value passing to jstl is failing.
 
Similar Threads
Avoid XSS Scripting in JSF.
retrieve a int from backbean and dinamically work with it in the .xhtml in very bizarre way
JSF and trying to display a resultset
Security Remediation in My current application
Sortable DataTable in WebSphere portal