Project WebSynergy Milestone 4 Administration Guide

XSS (Cross Site Scripting)

Set the following property to false to ensure that all persisted data is stripped of XSS payloads.


xss.allow=false

You can override the xss.allow setting for a specific class by appending the fully qualified class name to the xss.allow property name.


xss.allow.com.liferay.portal.model.Portlet=true
xss.allow.com.liferay.portal.model.PortletPreferences=true

You can override the xss.allow setting for a specific field in a class by appending the fully qualified class name and the field name to the xss.allow property name.


xss.allow.com.liferay.portlet.journal.model.JournalArticle.content=true
xss.allow.com.liferay.portlet.journal.model.JournalStructure.xsd=true
xss.allow.com.liferay.portlet.journal.model.JournalTemplate.xsl=true
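
Every override set to true is a class or field whose persisted data is not stripped, so it is worth listing them when reviewing a deployment. The script below is an added example, not part of the original guide or the portal's own code. It assumes that the most specific key decides (field, then class, then the global xss.allow), that a missing key means the data is stripped, and that the file uses plain key=value lines; the sample input is constructed from the property names above.

```python
# Added example: audit xss.allow overrides in a portal properties file.
# Assumption: the most specific key wins (field > class > global).

SAMPLE = """\
# constructed sample using the property names from this guide
xss.allow=false
xss.allow.com.liferay.portal.model.Portlet=true
xss.allow.com.liferay.portal.model.PortletPreferences=true
xss.allow.com.liferay.portlet.journal.model.JournalArticle.content=true
"""

PREFIX = "xss.allow"


def parse_properties(text):
    """Return {key: bool} for every xss.allow* line; skip comments and blanks."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        key = key.strip()
        if sep and (key == PREFIX or key.startswith(PREFIX + ".")):
            props[key] = value.strip().lower() == "true"
    return props


def xss_allowed(props, class_name, field=None):
    """Resolve the effective setting and report which key decided it."""
    candidates = [f"{PREFIX}.{class_name}", PREFIX]
    if field:
        candidates.insert(0, f"{PREFIX}.{class_name}.{field}")
    for key in candidates:
        if key in props:
            return props[key], key
    # Assumption: with no matching key at all, treat the data as stripped.
    return False, None


def exemptions(props):
    """List every class or field override that leaves data unstripped."""
    return sorted(k[len(PREFIX) + 1:] for k, v in props.items() if v and k != PREFIX)


if __name__ == "__main__":
    for target in exemptions(parse_properties(SAMPLE)):
        print("not stripped:", target)
```
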