Search found 52 matches


by anon
Fri May 16, 2014 7:45 am
Forum: Issues
Topic: Unique Response Mapping
Replies: 7
Views: 847
 

Unique Response Mapping

I actually would still value learning how to do this. When I create a mapping of a response to a list, I want to run JavaScript on this section. Now, the trick is that I want to assign values to the children of the list (the unique listitem) based on the results of the response (singleton JSON,...
by anon
Thu May 08, 2014 5:27 am
Forum: Issues
Topic: Unique Response Mapping
Replies: 7
Views: 847
 

Unique Response Mapping

Got it. My solution involved not running JavaScript from the array ($[]), but pointing the value I want to check to the visibility field of both the image and header components, respectively. Then I used: $(element).css(..., ...); or $(element).attr(..., ...); and returned true because it's the v...
by anon
Thu May 08, 2014 5:14 am
Forum: Issues
Topic: Unique Response Mapping
Replies: 7
Views: 847
 

Unique Response Mapping

I am trying to run some JavaScript on a listitem response to set the background color depending on a value of the response itself. But only the first item in the list accurately reflects the JavaScript. Value is the current iteration of the list response ($[]), so I check the type response and when ...
by anon
Thu May 08, 2014 1:24 am
Forum: Issues
Topic: XSS Scripting Injection prevention?
Replies: 8
Views: 724
 

XSS Scripting Injection prevention?

Where the replacement parameters don't have spaces in them. Too lazy to escape them on here

by anon
Thu May 08, 2014 1:19 am
Forum: Issues
Topic: XSS Scripting Injection prevention?
Replies: 8
Views: 724
 

XSS Scripting Injection prevention?

I figured out that this works nicely.

string = string.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;');

Please let me know if this is still buggy

by anon
Thu May 08, 2014 1:05 am
Forum: Issues
Topic: XSS Scripting Injection prevention?
Replies: 8
Views: 724
 

XSS Scripting Injection prevention?

I am aware of this, the second snippet of code is in another location (I assumed you would see that I converted it or else I would be getting errors...). I send convert as an object to the service, and then parse the contents to get the desired result (many fields like ID as specified). Regardless, ...
by anon
Wed May 07, 2014 5:58 pm
Forum: Issues
Topic: XSS Scripting Injection prevention?
Replies: 8
Views: 724
 

XSS Scripting Injection prevention?

Okay, so since you claim that stopping this text problem can be stopped as early as setting the text value of a label then please explain where the hole is. I type a message in an input, then submit it to a service to be stored: var me = localStorage.getItem('myFirstName'); var test = Appery('messag...
by anon
Wed May 07, 2014 5:01 pm
Forum: Issues
Topic: XSS Scripting Injection prevention?
Replies: 8
Views: 724
 

XSS Scripting Injection prevention?

I used Appery('').append() where I pass in a custom built DOM object (string). Could you tell me how the Apperyio().text() prevents this?

by anon
Wed May 07, 2014 6:43 am
Forum: Issues
Topic: XSS Scripting Injection prevention?
Replies: 8
Views: 724
 

XSS Scripting Injection prevention?

I have a service which appends (update service) text to an attribute. The text gets displayed later on other parts of my app. This chat service has one big problem, XSS. What is Appery's recommended mitigation for this? Q: Is there a way to prevent someone from injecting: <script> alert(...
by anon
Wed May 07, 2014 5:32 am
Forum: Issues
Topic: XSS Prevention
Replies: 3
Views: 564
 

XSS Prevention

I said that on an update service I write an input field to a database, then update the page to reflect the user message that was uploaded. However, I can write things like: <script> alert("Bug"); </script> into the text field and it will execute the script. This is ...
