Show TOC Anfang des Inhaltsbereichs

Hintergrunddokumentation SAP Encoding Functions for JavaScript  Dokument im Navigationsbaum lokalisieren

Even though the rules described in Avoiding XSS by Using Correct Output Encoding and Output Encoding Contexts allow for developing your own encoding methods, there are central functions (that is, libraries) that provide encoding for the different contexts. This topic describes functions available from SAP for JavaScript.

Encoding Functions for JavaScript

SAP UI Development Kit for HTML5

For the SAP UI Development Kit for HTML5, the encoding functions are implemented as a jQuery plug-in in framework/_core/src/main/js/jquery.sap.encoder.js.

The functions to use for the different contexts are:

Context

Functions

HTML / XML

jQuery.sap.encodeHTML(sValue) and jQuery.sap.encodeXML(sValue)

JavaScript

jQuery.sap.encodeJS(sValue)

URL

jQuery.sap.encodeURL(sValue)

CSS

jQuery.sap.encodeCSS(sValue)

 

Ende des Inhaltsbereichs