You need to sign in to do that
Don't have an account?
Sathish Venkat
Injection Vulnerability Prevention - Need help for Prevent XSS challenge
Hello - In the Prevent XSS in Force.com APplications chapter I updated the following code and still the challenge is not complete. Can you please help what is wrong with the code here. Thanks.
<apex:page controller="XSS_Mitigations_Challenge" sidebar="false" tabStyle="XSS_Mitigations_Challenge__tab"> <apex:sectionHeader title="XSS Mitigations Challenge" /> <apex:form > <apex:pageBlock > <apex:pageMessages /> <apex:pageBlockSection title="Demo" columns="1" id="tableBlock"> <c:codeLink type="Visualforce" namespace="" edit="true" name="XSS_Mitigations_Challenge" description="Edit this Visualforce page to perform the challenge."/> <apex:outputText value="{!sampleMergeField1}"/> <apex:outputText value="{!HTMLENCODE(sampleMergeField2)}" escape="false"/> <apex:outputText > {!sampleMergeField3} </apex:outputText> <script> document.write('{!JSENCODE(sampleMergeField4)}'); </script> {!sampleMergeField5} <script> var x = '{!JSENCODE(sampleMergeField6)}'; </script> <apex:outputLabel value="{!HTMLENCODE(sampleMergeField7)}" escape="false"/> </apex:pageBlockSection> <apex:pageBlockSection title="Code links" columns="1"> <apex:outputPanel > <ul> <li><c:codeLink type="Visualforce" namespace="" name="XSS_Mitigations_Challenge" description="Visualforce Page"/></li> <li><c:codeLink type="Apex" namespace="" name="XSS_Mitigations_Challenge" description="Apex Controller"/></li> </ul> </apex:outputPanel> </apex:pageBlockSection> </apex:pageBlock> </apex:form> </apex:page>
Best Answer chosen by Sathish Venkat
Sathish Venkat
Its answered here https://developer.salesforce.com/forums/?id=9060G000000XbgjQAC