Thanks Nick for your reply I understand that the developer has to make sure that code is secured. But as you have mentioned module.nocache.js is a build artifact so how do we resolve/ address veracode issues identified in this file?
On Wed, Feb 19, 2020 at 1:35 AM Nick Wilton <[email protected]> wrote: > module.nocache.js is a build artifact, created with GWT. Like all web > technologies it’s up to the developer using GWT to ensure vulnerabilities > like XSS are not introduced. > > There’s further information about avoiding the introduction of XSS > vulnerabilities in GWT applications here: > > http://www.gwtproject.org/doc/latest/DevGuideSecuritySafeHtml.html > > On 19 Feb 2020, at 06:33, kaveri <[email protected]> wrote: > > Veracode has reported 5 places with error - improper neutralization of > script related hrml tags in web page(basic xss) in module.nocache.js at > line number 4, 10, 9 and 13 > > > > Is there any fix to this issue or proper explanation to prove that code is > secured > > -- > You received this message because you are subscribed to the Google Groups > "GWT Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/google-web-toolkit/49e6d69a-fc94-42e1-b70b-14a550044d03%40googlegroups.com > . > > -- > You received this message because you are subscribed to the Google Groups > "GWT Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/google-web-toolkit/6A9B52B4-7575-4EEB-88CC-C9FFD75D9C9D%40guided.net.au > <https://groups.google.com/d/msgid/google-web-toolkit/6A9B52B4-7575-4EEB-88CC-C9FFD75D9C9D%40guided.net.au?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/google-web-toolkit/CA%2Bg1iwLU-UHuPBJS8POKNnxvrQZc0UcHQEErgZ%3DF1ZQ51n9j%2BA%40mail.gmail.com.
