I suggest you have a look at the OWASP website, it’s an excellent resource to
understand this vulnerability and how to address it.
https://owasp.org/www-community/attacks/xss/
--
You received this message because you are subscribed to the Google Groups "GWT
Users" group.
To unsubscribe from
Thanks Nick for your reply
I understand that the developer has to make sure that code is secured. But
as you have mentioned module.nocache.js is a build artifact so how do we
resolve/ address veracode issues identified in this file?
On Wed, Feb 19, 2020 at 1:35 AM Nick Wilton wrote:
>
module.nocache.js is a build artifact, created with GWT. Like all web
technologies it’s up to the developer using GWT to ensure vulnerabilities like
XSS are not introduced.
There’s further information about avoiding the introduction of XSS
vulnerabilities in GWT applications here:
Veracode has reported 5 places with error - improper neutralization of script
related hrml tags in web page(basic xss) in module.nocache.js at line number 4,
10, 9 and 13
Is there any fix to this issue or proper explanation to prove that code is
secured
--
You received this message because
Frank - Thanks for the reply, but it would be good to understand the plans
to complete the GWT 2.9 release - particularly with reference to Java 11
support. Any insight there?
On Monday, January 27, 2020 at 4:23:09 AM UTC-5, Frank Hossfeld wrote:
>
> Atm the community is very active. We are