soni rajput

Problem of XSS attack

Hi,

 

I am going to launch an AppExchange app, but in my code I am using <apex:outputText escape="False"> and this line is giving an XSS attack issue. So how do I resolve this issue?

 

It's urgent.

 

Thanks,

Soni

Best Answer chosen by Admin (Salesforce Developers) 
Force.com

Hi Soni,

 

This issue can be resolved by using Dynamic Visualforce. Here is a wonderful blog by Tehnrd in which he explains how to use Dynamic Visualforce.

 

http://www.tehnrd.com/dynamic-visualforce-components-why-they-scare-the-ish-out-of-me/

 

Thanks,

Pragati

All Answers

bob_buzzard

If you need to be able to output HTML markup, the only other way I can think of to do that is to copy the information into a rich text area field. Obviously that has to be on an sobject, so you'll need to create one, or re-use an existing one, to act as a carrier for this data.

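One way to keep escape="false" without sending stored markup straight to the browser, as an added example that is not from the thread or from Salesforce's own code: the controller HTML-encodes the value with escapeHtml4() and then restores only a short allowlist of attribute-less tags. Comment__c, Body__c, CommentViewController, someRecord and safeBodyHtml are hypothetical names.

```apex
// Visualforce markup, shown as comments (the controller below is Apex).
// Before, as in the question: stored markup reaches the browser unencoded.
//   <apex:outputText escape="false" value="{!someRecord.Body__c}"/>
// After: the page emits only what the controller has encoded and allowlisted.
//   <apex:outputText escape="false" value="{!safeBodyHtml}"/>
//
// Comment__c, Body__c, someRecord and this class name are hypothetical.
public with sharing class CommentViewController {
    // Attribute-less tags that may survive encoding; everything else stays text.
    private static final List<String> ALLOWED_TAGS =
        new List<String>{ 'b', 'i', 'u', 'p', 'br' };

    private String rawBody = '';

    public CommentViewController() {
        String recordId = ApexPages.currentPage().getParameters().get('id');
        // Query only when the parameter is a well-formed record Id.
        if (recordId instanceof Id) {
            List<Comment__c> rows =
                [SELECT Body__c FROM Comment__c WHERE Id = :recordId LIMIT 1];
            if (!rows.isEmpty() && rows[0].Body__c != null) {
                rawBody = rows[0].Body__c;
            }
        }
    }

    // HTML for element content only (not attribute values or script blocks).
    public String getSafeBodyHtml() {
        // 1. Encode <, >, & and " so no stored markup is interpreted.
        String html = rawBody.escapeHtml4();
        // 2. Restore exact allowlisted tags; a tag carrying attributes such as
        //    <b onclick=...> does not match and remains encoded text.
        for (String tag : ALLOWED_TAGS) {
            html = html.replace('&lt;' + tag + '&gt;', '<' + tag + '>')
                       .replace('&lt;/' + tag + '&gt;', '</' + tag + '>')
                       .replace('&lt;' + tag + '/&gt;', '<' + tag + '/>');
        }
        return html;
    }
}
```

Restored tags are not checked for balance, so unclosed tags in the stored value can still affect layout even though they cannot carry script.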