You need to sign in to do that
Don't have an account?
chaithaly gowda
Fixing XSS issues : window.location.href ='{!$Currentpage.parameters.retURL}
Hi
I was trying to fix all the issues with XSS in my vf page ,and found this line inside <script> tag
window.location.href ='{!$Currentpage.parameters.retURL}
SO, my question is does it needs to be encoded like window.location.href ='{!JSENCODE($Currentpage.parameters.retURL)} ?????
Please provide me the explanation for better understanding..
Thanks
I was trying to fix all the issues with XSS in my vf page ,and found this line inside <script> tag
window.location.href ='{!$Currentpage.parameters.retURL}
SO, my question is does it needs to be encoded like window.location.href ='{!JSENCODE($Currentpage.parameters.retURL)} ?????
Please provide me the explanation for better understanding..
Thanks
As far as I know, it should not be used in your case