• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Liutauras Vilda
  • Paul Clapham
Sheriffs:
  • paul wheaton
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Piet Souris
Bartenders:
  • Mike London

Avoid XSS Scripting in JSF.

 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi ,

I have a out puttext feild like this in my JSP page. I am using framework as JSF.

<h:outputText id="text1"
value="#{History.EndDate}"
escape="false">
</h:outputText>

If the EndDate value is not there i am sending &nbsp; to this variable to avoid the UI distortion(Table border is missing please find the attachment ).
But it leading to a problem of XSS scripting. Even if i send ""(empty space ) the UI distortion is happeneing.

Please help me how i can avoid this issue.

Regards,
Vinoy
Border_issue.png
[Thumbnail for Border_issue.png]
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic