You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@wicket.apache.org by "Cabezas Rauch, Pablo Andres [ICG-IT]" <pa...@citi.com> on 2011/05/02 17:27:04 UTC
XFS
Hi team,
We use wicket in our applications since 2 years ago and for us has been a great component. Now we have a security issue related with XSF (cross site scripting) and the solution proposed by our VA team is add the next sentences in the code:
If (document.top) blab la bla.... but this solution in the popup broke our site.
Do you have another solution to fix it (XFS)?
Thanks in advance.
Best Regards;
Pablo Cabezas Rauch
Chile Technology Service Center
+56 2 430 9413
pablo.andres.cabezasrauch@citi.com<ma...@citi.com>
Re: XFS
Posted by pacabe <pa...@citi.com>.
XFS.
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/XFS-tp3495711p3606354.html
Sent from the Forum for Wicket Core developers mailing list archive at Nabble.com.
Re: XFS
Posted by tetsuo <ro...@gmail.com>.
XSS == Cross-site scripting
XSF == Cross-site flashing
XFS == Cross-frame scripting
Which one is your problem? :)
On Mon, May 2, 2011 at 12:27 PM, Cabezas Rauch, Pablo Andres [ICG-IT]
<pa...@citi.com> wrote:
> Hi team,
>
> We use wicket in our applications since 2 years ago and for us has been a great component. Now we have a security issue related with XSF (cross site scripting) and the solution proposed by our VA team is add the next sentences in the code:
>
> If (document.top) blab la bla.... but this solution in the popup broke our site.
>
> Do you have another solution to fix it (XFS)?
>
> Thanks in advance.
>
> Best Regards;
>
> Pablo Cabezas Rauch
> Chile Technology Service Center
> +56 2 430 9413
> pablo.andres.cabezasrauch@citi.com<ma...@citi.com>
>
>