You need to sign in to do that
Don't have an account?
Problem in Javascript
Hi,
I am going to launch an aap on appexchange and i have created a function through javascript code in this to redirect to diffirent page. Page is redirected when callBack function is called. In redirecting i am passing an array in url so how to prevent it from XSS attack. The script of this is given below.
<script>
function callback(results, status) {
if (status == google.maps.places.PlacesServiceStatus.OK) {
for (var i = 0; i < results.length; i++) {
var str = results[i].vicinity
var j = str.lastIndexOf(",");
str = str.substring(j + 2, str.length);
if (array1 == null) array1 = str + ';';
else array1 = array1 + str + ';';
}
array1 = array1 + geoip_city();
}
var url = '/apex/searcheventvf2?city=' + array1;
window.open(url, '_self', 'width=400,height=200');
}
</script>
I have gone through some links to prevent it from XSS attack but could not understand. Please help me on this.
There are follwing salesfroce doc with examples that might help u
1) http://www.salesforce.com/us/developer/docs/apexcode/Content/pages_security_tips_xss.htm
2) http://wiki.developerforce.com/page/Secure_Coding_Cross_Site_Scripting
Hi SRK,
I could not understand how to do this in passing an array in url or inserting an element in a java script array.
Thanks,
Soni
Hi even i don't have much idea about it
but what i understand
as u can see in below mention code try are intilatizing the varable foo with 2
Hi SRK,
You mean to say i have to in initialize variables in following way
i am still look for much better example