Ofbiz: How to escape characters in ofbiz widget



administractor
05-08-2015, 11:48 AM
I need to display in the browser a value that comes from URL parameters. To avoid XSS attacks, this value should be escaped.

The value is set in PScreens.xml as follows:


<screen name="Product">
    <section>
        <actions>
            <set field="productId" from-field="parameters.productId"/>
        </actions>
        <widgets>
            ...
        </widgets>
    </section>
</screen>

And it is included in PForms.xml:


<field name="productId" tooltip="${uiLabelMap.ProductId} [${productId}]"><text /></field>

Initially I tried to escape the value from PForms.xml:


tooltip="${uiLabelMap.ProductId} [${productId}]"

but I did not find any solution.

Can you suggest a solution to escape the value from PScreens.xml?


<set field="productId" from-field="parameters.productId"/>

Thank You.

administractor
05-11-2015, 07:34 AM
Does anyone have any suggestions?

administractor
07-23-2015, 08:30 AM
There is a bug in OFBiz, so we are waiting for it to be fixed:
https://issues.apache.org/jira/browse/OFBIZ-6506?filter=-2

Related issues:
http://stackoverflow.com/questions/30097370/how-to-escape-characters-in-ofbiz-widget
http://stackoverflow.com/questions/30708500/how-to-escape-characters-in-ofbiz-display-entity-xss-in-ofbiz
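
An added example, not part of the thread and not OFBiz code: a small Python model of the `<set>` step and the `${...}` tooltip expansion from the first post, showing the value unescaped, escaped once at output, and escaped at both `<set>` and output (which double-encodes it). The helper names, the sample `productId` value and the placement of the tooltip in a `title` attribute are assumptions made for illustration.

```python
import html
import re

# ${name} or ${map.key}, the placeholder form used in the tooltip above.
PLACEHOLDER = re.compile(r"\$\{([A-Za-z_][\w.]*)\}")
TOOLTIP = "${uiLabelMap.ProductId} [${productId}]"


def lookup(context, dotted):
    """Resolve 'parameters.productId' style paths in nested dicts."""
    value = context
    for part in dotted.split("."):
        value = value[part]
    return value


def set_field(context, field, from_field, escape=False):
    """Model of <set field=... from-field=.../>; escape=True encodes at copy time."""
    value = str(lookup(context, from_field))
    context[field] = html.escape(value, quote=True) if escape else value


def expand(template, context, escape=True):
    """Substitute placeholders; escape=True encodes each value at output time."""
    def substitute(match):
        value = str(lookup(context, match.group(1)))
        return html.escape(value, quote=True) if escape else value
    return PLACEHOLDER.sub(substitute, template)


def render_title_attr(tooltip):
    """Assumed sink: the expanded tooltip placed in a double-quoted attribute."""
    return '<input name="productId" title="%s">' % tooltip


def demo_context():
    # Constructed request value containing markup and a double quote.
    return {
        "uiLabelMap": {"ProductId": "Product Id"},
        "parameters": {"productId": 'GZ-1000"><i>x</i>'},
    }


if __name__ == "__main__":
    ctx = demo_context()
    set_field(ctx, "productId", "parameters.productId")
    print(render_title_attr(expand(TOOLTIP, ctx, escape=False)))  # markup survives
    print(render_title_attr(expand(TOOLTIP, ctx, escape=True)))   # encoded once
    set_field(ctx, "productId", "parameters.productId", escape=True)
    print(render_title_attr(expand(TOOLTIP, ctx, escape=True)))   # encoded twice
```

Encoding once, at the point where the value is written into HTML, keeps the stored `productId` usable for lookups and avoids the `&amp;quot;` artifacts seen in the third line of output.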