module.nocache.js is a build artifact, created with GWT. Like all web technologies it’s up to the developer using GWT to ensure vulnerabilities like XSS are not introduced.
There’s further information about avoiding the introduction of XSS vulnerabilities in GWT applications here: http://www.gwtproject.org/doc/latest/DevGuideSecuritySafeHtml.html > On 19 Feb 2020, at 06:33, kaveri <dusanekav...@gmail.com> wrote: > > Veracode has reported 5 places with error - improper neutralization of > script related hrml tags in web page(basic xss) in module.nocache.js at line > number 4, 10, 9 and 13 > > Is there any fix to this issue or proper explanation to prove that code is > secured > > -- > You received this message because you are subscribed to the Google Groups > "GWT Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to google-web-toolkit+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/google-web-toolkit/49e6d69a-fc94-42e1-b70b-14a550044d03%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/google-web-toolkit/6A9B52B4-7575-4EEB-88CC-C9FFD75D9C9D%40guided.net.au.