smartgwt XSS tutorial

You need to login (link above) before you can post. If you do not yet have an account, please register.

Blama replied

18 Nov 2014, 07:36
Hello roywang,

The QSG is not on XSS, but SmartGWT in general and definitely a good read.
You should also read the FAQ-thread here and you can use the forums search. I know that the XSS topic came up sometime this year.
Basically I think you are fine with either escapeHtml or Validators disallowing HTML special characters to be entered.

Best regards,
Blama
Leave a comment:
roywang replied

18 Nov 2014, 07:26
Thanks, Blama, I will read it carefully, is there anymore tutorial focusing on XSS with smartgwt?
Leave a comment:
Blama replied

18 Nov 2014, 07:11
Hello roywang,

as starter: Did you read the Quick Start Guide and did you see DataSourceField.escapeHTML?

Best regards,
Blama
Leave a comment:
roywang started a topic smartgwt XSS tutorial

18 Nov 2014, 07:00
smartgwt XSS tutorial

I am working on fixing the XSS vulnerability of a website which is using smartgwt. Is there any tutorial on cross site scripting with smartgwt? Will smartgwt handle XSS automatically? Or can someone give an overview or some guidelines of how to fix XSS with smartgwt?

Last edited by roywang; 18 Nov 2014, 07:03.
Tags: None

Previous template Next

Working...

Announcement