More Information About Preventing Cross-Site
Scripting
Relevant SAP Notes
Topic / Product |
SAP Note Number |
Short Text |
Basic notes regarding the available cross-site scripting libraries |
1582870
|
ABAP XSS Escaping Support |
|
1582867 |
Security options (XSS) for ESCAPE |
AS Java |
1615941 |
Portal XSS Encoding Library - StringUtils |
|
1653473 |
Unauthorized Modification of Displayed Content in HTMLB |
|
1653474 |
Unauthorized Modification of Displayed Content in Web Dynpro |
|
1637338 |
Unauthorized modification of displayed content in UR |
|
1590008 |
JAVA output encoding |
|
1677231 |
The iView creation is failing with broken link |
More Information from non-SAP Organizations
Organization / Vendor |
Documentation |
Reference |
World Wide Web Consortium (W3C) |
HTML 4.01 Specification |
http://www.w3.org/TR/html40 |
|
Extensible Markup Language (XML) 1.0 (Fifth Edition) |
http://www.w3.org/TR/xml |
|
Cascading Style Sheets Level 2 Revision 1 (CSS 2.1) Specification |
http://www.w3.org/TR/CSS21 |
|
Setting the http charset parameter |
http://www.w3.org/International/O-HTTP-charset |
Open Web Application Security Project (OWASP) |
XSS (Cross Site Scripting) Prevention Cheat Sheet |
http://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet |