• Umesh Ramaswamy 29
  • 0 Points
  • Member since 2020

  • Chatter
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 0
  • 1
Greetings, I am working on the Prevent XSS in Force.Com Applications Trailhead, so far I've gotten most of the sections cleared. However, I seem to be stuck with this one. I've attempted many ways to assign JSENCODE, HTMLENCODE and JSINHTMLENCODE where needed but seem to stuck, are there any steps I should take here. My code's below. Hope it helps!
<apex:page controller="XSS_Mitigations_Challenge" sidebar="false" tabStyle="XSS_Mitigations_Challenge__tab">
<apex:sectionHeader title="XSS Mitigations Challenge" />
<apex:form >
    <apex:pageBlock >
        <apex:pageMessages />      
        <apex:pageBlockSection title="Demo" columns="1" id="tableBlock">
            <c:codeLink type="Visualforce" namespace="" edit="true" name="XSS_Mitigations_Challenge" description="Edit this Visualforce page to perform the challenge."/>
            <apex:outputText value="{!JSENCODE(sampleMergeField1)}"/>

            <apex:outputText value="{!HTMLENCODE(sampleMergeField2)}" escape="false"/>

            <apex:outputText >
                var x = '{!JSENCODE(sampleMergeField6)}';
            <apex:outputLabel value="{!sampleMergeField7}" escape="false"/>

        <apex:pageBlockSection title="Code links" columns="1">
            <apex:outputPanel >
                    <li><c:codeLink type="Visualforce" namespace="" name="XSS_Mitigations_Challenge" description="Visualforce Page"/></li>            
                    <li><c:codeLink type="Apex" namespace="" name="XSS_Mitigations_Challenge" description="Apex Controller"/></li>