XSS Protection for text fields | Community
Skip to main content
R
ratans
April 1, 2022

XSS Protection for text fields

  • April 1, 2022
  • 1 reply
  • 651 views

Hello Team,

I am new to aem and frontend, I have already developed project in which a vulnerability is reported for xss injection in text fields(when inserting script to show alert in text field I am getting that alert). I am trying to implement a solution at global level to stop xss scripts. For this I am overlaying the xss protection folder in apps/cq and modifying the config.xml file. I tried several entries one by one
<attribute name="text">

    <regexp-list>

        <regexp value = "[a-zA-Z0-9]"/>

    </regexp-list>

</attribute>

also I tried modifying the existing entry for input tag 

<attribute name="value">

    <regexp-list>

        <regexp value = "[a-zA-Z0-9]"/>

    </regexp-list>

</attribute>

 

Please let me know how can I stop xss injection in fields.

 

 

Thanks for Help

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

1 reply

arunpatidar
Community Advisor
arunpatidarCommunity Advisor
Community Advisor
April 5, 2022

Hi,

How does the HTML snippet look like for text component?

Can you share the example?

Arun Patidar
    Terms & ConditionsAccessibility statement

    Loading footer...