Ansicht
Dokumentation
ABENSTRING_FUNCTION_ESC_XSS_ABEXA - STRING FUNCTION ESC XSS ABEXA
RFUMSV00 - Advance Return for Tax on Sales/Purchases General Material DataThis documentation is copyright by SAP AG.
- escape for XSS
This example demonstrates the string function escape for preventing XSS.
Source Code
Description
A search term can be entered in a dialog box. An output window provides a search function in the ABAP keyword documentation and with an external search engine. By default, the input is escaped using the function escape and the format cl_abap_format=>e_xss_ml. This prevents cross site scripting (XSS).
The function can be disabled for specific input to demonstrate the effects of an XSS attack. The input makes the links on the output window and the following input field unusable. More harmful functions could be used instead of the JavaScript function alert, but are not allowed in this example.
CPI1466 during Backup CPI1466 during Backup
This documentation is copyright by SAP AG.
Length: 1131 Date: 20240423 Time: 151413 sap01-206 ( 23 ms )