Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

JSF value passing to jstl is failing.  RSS feed

 
Vinoy Paul
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi ,

I am facing one issue while trying to avoid the XSS scripting issue. I have code like

<h:outputText id="text49"
value="#{History.abc}"
styleClass="outputText"
escape="false">
</h:outputText>

This code is throwing XSS scripting issue. So i am thinking the easy way to get rid of it just by using <c:out inside value attribute.
But its failing in compilation. Is there any other way i can escape from XSS scripting.

Please help me.
 
Tim Holloway
Bartender
Posts: 18531
61
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There's no script there. Why do you think it has a Cross-Site Scripting (XSS) problem?
 
Vinoy Paul
Greenhorn
Posts: 16
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator



if there is no proper business value in that variable , i am passing &nbsp; to that variable.

If i didnt pass some UI distortion is happening ,like missing the border of the cell.
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!