• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Liutauras Vilda
  • Paul Clapham
Sheriffs:
  • paul wheaton
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Piet Souris
Bartenders:
  • Mike London

JSF value passing to jstl is failing.

 
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi ,

I am facing one issue while trying to avoid the XSS scripting issue. I have code like

<h:outputText id="text49"
value="#{History.abc}"
styleClass="outputText"
escape="false">
</h:outputText>

This code is throwing XSS scripting issue. So i am thinking the easy way to get rid of it just by using <c:out inside value attribute.
But its failing in compilation. Is there any other way i can escape from XSS scripting.

Please help me.
 
Saloon Keeper
Posts: 26546
187
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
There's no script there. Why do you think it has a Cross-Site Scripting (XSS) problem?
 
Vinoy Paul
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator



if there is no proper business value in that variable , i am passing &nbsp; to that variable.

If i didnt pass some UI distortion is happening ,like missing the border of the cell.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic