Hi, In the process of implementing C5 based products, we need to follow secure coding patterns, specially HTML encoding to prevent Cross-Site Scripting (XSS) etc. Since C5 based products are using the UUF framework, I think it's better to enforce most of the UI security best practices from the framework side.
Currently is that support available in the framework? If so, what are the security considerations? If available, I think it's better if you can document it for the references. If you haven't still consider it, you can refer [1] and follow applicable guidelines when implementing. And also you can update [1] with the supported practices in UUF. [1] https://docs.google.com/document/d/1vhKMFRygUJwJ3cx-Bat3qVYRfTv-_ZyxaLXCLMGFDLY/edit# Thanks and Regards -- Indunil Upeksha Rathnayake Software Engineer | WSO2 Inc Email [email protected] Mobile 0772182255
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
