XFS

["Cabezas Rauch, Pablo Andres [ICG-IT]" <pa...@citi.com>]

Hi team,

We use wicket in our applications since 2 years ago and for us has been a great component. Now we have a security issue related with XSF (cross site scripting) and the solution proposed by our VA team is add the next sentences in the code:

If (document.top) blab la bla.... but this solution in the popup broke our site.

Do you have another solution to fix it (XFS)?

Thanks in advance.

Best Regards;

Pablo Cabezas Rauch
Chile Technology Service Center
+56 2 430 9413
pablo.andres.cabezasrauch@citi.com<ma...@citi.com>

Re: XFS

[pacabe <pa...@citi.com>]

XFS.



--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/XFS-tp3495711p3606354.html
Sent from the Forum for Wicket Core developers mailing list archive at Nabble.com.

Re: XFS

[tetsuo <ro...@gmail.com>]

XSS == Cross-site scripting
XSF == Cross-site flashing
XFS == Cross-frame scripting

Which one is your problem? :)




On Mon, May 2, 2011 at 12:27 PM, Cabezas Rauch, Pablo Andres [ICG-IT]
<pa...@citi.com> wrote:
> Hi team,
>
> We use wicket in our applications since 2 years ago and for us has been a great component. Now we have a security issue related with XSF (cross site scripting) and the solution proposed by our VA team is add the next sentences in the code:
>
> If (document.top) blab la bla.... but this solution in the popup broke our site.
>
> Do you have another solution to fix it (XFS)?
>
> Thanks in advance.
>
> Best Regards;
>
> Pablo Cabezas Rauch
> Chile Technology Service Center
> +56 2 430 9413
> pablo.andres.cabezasrauch@citi.com<ma...@citi.com>
>
>