- Mark as New
- Follow
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report
Hi everyone.
I created a web application for seminar registration in Adobe Campaign Classic v7.
This is my workflow:
Client wants to apply encryption and XSS protection on the client and server side to the payload before submitting it.
I have checked built-in functions in Campaign such as cryptString(), decryptString() and NL.JS.escape().
This is my script inside the Page activity:
<script type="text/javascript">
// <![CDATA[
function formSubmit(e) {
<script type="text/javascript">
// <![CDATA[
function formSubmit(e) {
var firstName = document.getElementById("firstName").value;
var email = document.getElementById("email").value;
var memberId = document.getElementById("memberId").value;
var memberId = document.getElementById("memberId").value;
var mobile = document.getElementById("mobilePhone").value;
document.controller.setValue('/ctx/vars/firstName', firstName);
document.controller.setValue('/ctx/vars/email', email);
document.controller.setValue('/ctx/vars/memberId', memberId);
document.controller.setValue('/ctx/vars/mobile', mobile);
document.controller.setValue('/ctx/vars/memberId', memberId);
document.controller.setValue('/ctx/vars/mobile', mobile);
document.controller.submit('next');
return false;
}
// ]]>
</script>
// ]]>
</script>
I tried to use the cryptString() during setValue like this:
document.controller.setValue('/ctx/vars/memberId', '<%= cryptString("' + memberId + '")%>');
However, instead of encrypting the value entered in the textfield, it's actually encrypting the string " + memberId + ".
Is there any way we can do this?
document.controller.setValue('/ctx/vars/memberId', '<%= cryptString("' + memberId + '")%>');
However, instead of encrypting the value entered in the textfield, it's actually encrypting the string " + memberId + ".
Is there any way we can do this?
Any help is greatly appreciated.
Solved! Go to Solution.