wood burning stoves 2.0*
The moose likes JSF and the fly likes JSF value passing to jstl is failing. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "JSF value passing to jstl is failing." Watch "JSF value passing to jstl is failing." New topic
Author

JSF value passing to jstl is failing.

Vinoy Paul
Greenhorn

Joined: Jun 16, 2011
Posts: 14
hi ,

I am facing one issue while trying to avoid the XSS scripting issue. I have code like

<h:outputText id="text49"
value="#{History.abc}"
styleClass="outputText"
escape="false">
</h:outputText>

This code is throwing XSS scripting issue. So i am thinking the easy way to get rid of it just by using <c:out inside value attribute.
But its failing in compilation. Is there any other way i can escape from XSS scripting.

Please help me.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16022
    
  20

There's no script there. Why do you think it has a Cross-Site Scripting (XSS) problem?


Customer surveys are for companies who didn't pay proper attention to begin with.
Vinoy Paul
Greenhorn

Joined: Jun 16, 2011
Posts: 14



if there is no proper business value in that variable , i am passing &nbsp; to that variable.

If i didnt pass some UI distortion is happening ,like missing the border of the cell.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: JSF value passing to jstl is failing.