You need to sign in to do that
Don't have an account?
Praneetha Murakonda
Cross Site Scripting issue in <apex:outputText>
Hi All,
I'm fetching the "Body" value from Idea object , it can be either Text or Image in <apex:outputText > like below .
<apex:outputText value="{!varObjIdea.objIdea.Body}" escape="false"/>
I'm facing Stored XSS issue in VisualForce Page in <apex:outputText >
So,I'm trying to use Encoded methods [HTMLENCODE,JSENCODE,JSINHTMLENCODE,URLENCODE] in <apex:outputText> like
<apex:outputText value="{!HTMLENCODE(varObjIdea.objIdea.Body)}" escape="false"/>.
But not able to display Image on visualforce page. Its is displaying as text format
If any one knows the solution for this problem, Please let me know
Thanks!
I'm fetching the "Body" value from Idea object , it can be either Text or Image in <apex:outputText > like below .
<apex:outputText value="{!varObjIdea.objIdea.Body}" escape="false"/>
I'm facing Stored XSS issue in VisualForce Page in <apex:outputText >
So,I'm trying to use Encoded methods [HTMLENCODE,JSENCODE,JSINHTMLENCODE,URLENCODE] in <apex:outputText> like
<apex:outputText value="{!HTMLENCODE(varObjIdea.objIdea.Body)}" escape="false"/>.
But not able to display Image on visualforce page. Its is displaying as text format
If any one knows the solution for this problem, Please let me know
Thanks!
VF page: