Apex Code Development You need to sign in to do that
Don't have an account?
Sathish Venkat Injection Vulnerability Prevention - Need help for Prevent XSS challenge
Hello - In the Prevent XSS in Force.com APplications chapter I updated the following code and still the challenge is not complete. Can you please help what is wrong with the code here. Thanks.
<apex:page controller="XSS_Mitigations_Challenge" sidebar="false" tabStyle="XSS_Mitigations_Challenge__tab">
<apex:sectionHeader title="XSS Mitigations Challenge" />
<apex:form >
<apex:pageBlock >
<apex:pageMessages />
<apex:pageBlockSection title="Demo" columns="1" id="tableBlock">
<c:codeLink type="Visualforce" namespace="" edit="true" name="XSS_Mitigations_Challenge" description="Edit this Visualforce page to perform the challenge."/>
<apex:outputText value="{!sampleMergeField1}"/>
<apex:outputText value="{!HTMLENCODE(sampleMergeField2)}" escape="false"/>
<apex:outputText >
{!sampleMergeField3}
</apex:outputText>
<script>
document.write('{!JSENCODE(sampleMergeField4)}');
</script>
{!sampleMergeField5}
<script>
var x = '{!JSENCODE(sampleMergeField6)}';
</script>
<apex:outputLabel value="{!HTMLENCODE(sampleMergeField7)}" escape="false"/>
</apex:pageBlockSection>
<apex:pageBlockSection title="Code links" columns="1">
<apex:outputPanel >
<ul>
<li><c:codeLink type="Visualforce" namespace="" name="XSS_Mitigations_Challenge" description="Visualforce Page"/></li>
<li><c:codeLink type="Apex" namespace="" name="XSS_Mitigations_Challenge" description="Apex Controller"/></li>
</ul>
</apex:outputPanel>
</apex:pageBlockSection>
</apex:pageBlock>
</apex:form>
</apex:page>
Best Answer chosen by Sathish VenkatSathish VenkatIts answered here https://developer.salesforce.com/forums/?id=9060G000000XbgjQAC