Label: cross-site-scripting

Content with label cross-site-scripting in RHQ (See content from all spaces)
Related Labels: xss, security, gwt

Page: Escaping or Sanitizing HTML
Escaping or Sanitizing HTML Overview A field that is usereditable and later displayed somewhere in the GUI as static text should have any HTML within its value either escaped or sanitized to prevent a user from being able to include malicious JavaScript ...
Other labels: security, xss, gwt