Tuesday, February 18, 2020

Re: Veracode detected 5 XSS issues in nocache.js

module.nocache.js is a build artifact, created with GWT. Like all web technologies it's up to the developer using GWT to ensure vulnerabilities like XSS are not introduced.

There's further information about avoiding the introduction of XSS vulnerabilities in GWT applications here:


On 19 Feb 2020, at 06:33, kaveri <dusanekaveri@gmail.com> wrote:

Veracode has reported 5 places with error - improper neutralization of script related hrml tags in web page(basic xss) in module.nocache.js at line number 4, 10, 9 and 13

Is there any fix to this issue or proper explanation to prove that code is secured

--
You received this message because you are subscribed to the Google Groups "GWT Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-web-toolkit/49e6d69a-fc94-42e1-b70b-14a550044d03%40googlegroups.com.

No comments:

Post a Comment