Skip to main content

 

 

Documentation
OutSystems 10
Reference
Errors and Warnings
Warnings
JavaScript Injection Warning
Warnings

 

 
Language:
English|日本語
 
 
 
OutSystems

JavaScript Injection Warning

  1. Last updated
  2. Save as PDF
Message
Ensure the expression is protected by using EncodeJavaScript(), or VerifyJavascriptLiteral() from the Sanitization extension, to avoid security flaws.
Cause
The expression mentioned in the warning has a value that comes from the end-user input and that is susceptible to contain malicious content.
Recommendation

Do one of the following:

  • Use the EncodeJavascript() built-in function to replace all JavaScript reserved characters by their escaped counterpart;
  • Use the VerifyJavascriptLiteral() function from the Sanitization extension module to ensure that the value entered by the end-user only contains valid JavaScript or JSON literals.
  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
    Owner
    TechComm
  2. Tags
    This page has no tags.