Win a copy of Programmer's Guide to Java SE 8 Oracle Certified Associate (OCA) this week in the OCAJP forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Avoid XSS Scripting in JSF.

 
Vinoy Paul
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi ,

I have a out puttext feild like this in my JSP page. I am using framework as JSF.

<h:outputText id="text1"
value="#{History.EndDate}"
escape="false">
</h:outputText>

If the EndDate value is not there i am sending &nbsp; to this variable to avoid the UI distortion(Table border is missing please find the attachment ).
But it leading to a problem of XSS scripting. Even if i send ""(empty space ) the UI distortion is happeneing.

Please help me how i can avoid this issue.

Regards,
Vinoy
Border_issue.png
[Thumbnail for Border_issue.png]
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic