Forum Discussion

sateesh999

Contributor

6 years ago

test

"><img src=x onerror=prompt(/securitytesting/)>

Parshant

Boss

sateesh999, there is no need to Implement validation in TinyMCE, The data extract from TinyMCE is already prevented from XSS.

When you are not using any OOB component, and using cistomization anywhere to display data then only you need to check data for auto-escaping and output formats for XSS in freemarker.

sateesh999

Contributor

6 years ago

Thanks for your response Prashanth,

Ok, I understand, but I have gone through the "start a discussion" button in Koros and entered a few sample script like ["><img src=x onerror=prompt(/securitytesting/)>"] It has not allowed the script and throwing error message also.

The same thing I need in our community, I tried it in Studio on the community platform but very limited options are provided.
How can I get that error message for the text area?

Thanks,

Sateesh.

Forum Discussion

test

Related Content

Aurora: Create test accounts for troubleshooting

Environment to test API Calls

Test interaction style of current node

Automate Testing for khoros platform

[SDK] "package-plugin" and "submit-plugin" missing tests

Recent Discussions

How to fetch all labels associated with TkbArticlePage and count how many times each label is used

In Aurora, add additional <script> and <meta> tags

Setup content filter for arabic language

24.10 API change breaks navigation

How to create/subscribe the Webhook in Aurora