You need to sign in to do that
Don't have an account?
Security Issues in Package posting
hi i have getting security issues regarding
""returnUrl = apexpages.currentpage().getparameters().get('returnUrl');""
and
""pagereference p = new pagereference(returnUrl);
return p;""
in the following class.
Please solve this issue.
public with sharing class classexample {
public classexample()
{
c= new contact();
paramMap = apexpages.currentpage().getparameters();
list1 = new List<String>(paramMap.keySet());
for(integer i=0;i<list1.size();i++){
paramName = list1.get(i);
paramValue = paramMap.get(paramName);
if(paramName != 'returnUrl' && paramName !='core.apexpages.devmode.url')
{
c.put(paramName,paramValue);
}
}
returnUrl = apexpages.currentpage().getparameters().get('returnUrl');
}
public contact c;
public string lastname{get;set;}
public string firstname{get;set;}
public string paramName{get;set;}
public string paramValue{get;set;}
public List<String> list1{get;set;}
public map<string,string> paramMap{get;set;}
public string returnUrl;
public pagereference autorun()
{
if(c.lastname!=null)
{
insert c;
}
if(returnUrl!=null)
{
pagereference p = new pagereference(returnUrl);
p.setredirect(true);
return p;
}else
{
return null;
}
} }