• Post Reply Bookmark Topic Watch Topic
  • New Topic

cross site scripting problem  RSS feed

 
chandrakanth boga
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When i update the form ....in the subject i place the <script>alert("XXS")<script>
and also in the contents i will place same script and update .
It should not allow me to update.But it is allowing to update.
How to prevent it ...how to resolve it
 
Muhammad Saifuddin
Ranch Hand
Posts: 1325
Android Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I didn't get what you want to do.. with script code..
can you tell why and where you want to implement this ?
 
chandrakanth boga
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Actually we need to check the security .As per our HO instructions we need to put this script in the form and update it.And it should not allow us to update it.
 
Muhammad Saifuddin
Ranch Hand
Posts: 1325
Android Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
sounds like preventing a user to update something in database without cross checking some javascript security..

am i understand correct..?
[ February 07, 2007: Message edited by: Saif uddin ]
 
chandrakanth boga
Ranch Hand
Posts: 49
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes you are right...
Please provide the solution to handle this problem
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!