Deepa Sekar
Avoid unescaped/sanitized content in output
Hi there!
While running sonar I'm running into this issue
"Unescaped Attribute Value XSS"
Snippet:
---------------------start--------------------------
<lightning:buttonIcon tooltip="some txt" alternativeText="txt" variant="bare" type="reset" iconName="utility:clear"
onclick="{!v.variableName}"></lightning:buttonIcon>
---------------------end--------------------------
This is the message that gets thrown
"Avoid unescaped/sanitized content in output".
Any suggestions to sanitize the variable variableName?
Requesting you to go through this help article -> https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/pages_security_tips_scontrols.htm
Hope it helps!
Thank you.
Thanks for the response.
I went through that article and the following articles; none of them suit my case.
Sanitizing <lightning:buttonIcon>'s onClick variable with [HTMLENCODE/JSENCODE/..]: none of them work in my case of an Aura component.