Hi,
I got rid of this javascript error, that was due to incorrect design, I think.
devicesGroup is a CheckGroup
devicesGroup = new CheckGroup("devicesGroup", new ArrayList()) {
@Override
public boolean isVisible() {
super.isVisible();
TL;DR In general wicket app should do server side validation and if client
submits a valid query then it might not be a problem, or you need to add
validation.
Does this ring a bell?
**
Martin
ti 8. marrask. 2022 klo 6.03 Jonathan P. Babie (jba...@osc.ny.gov.invalid)
kirjoitti:
> Hello,
>
>
Hello,
Our Wicket web application went through an app scan. We understand most
problems that came back from the report and have solutions, but one that's
troubling us is:
Blind XPath Injection
Severity: Medium
CVSS Score: 6.4
Entity: regionFormGroup:regionFormGroup_body:regionTextField
I apologize, it looks like the screenshot I provided didn't come through, here
are the details describing the problem:
Host Header Injection
Severity: Low
CVSS Score: 5.0
URL: https://example.domain.com/lgmm
Entity: lgmm (Page)
Risk: It is possible to persuade a naive user to supply sensitive
Hello,
Our Wicket web application went through an app scan. We understand most
problems that came back from the report and have solutions, but one that's
troubling us is:
[cid:f744744c-2d7a-4cd8-9179-ef02d9dc6ea4]
I've omitted our URLs, but essentially it seems they were able to manipulate
Hi Laurent,
The problem is the JavaScript error: Uncaught TypeError: b is null.
It seems there is some bug in
"Wicket.CheckboxSelector.updateSelectorState(c,e)},initializeSelector:function(c,d){var
b=document.getElementById(c); ..."
Due to this JS error Wicket cannot replace neither the
If I add the entire page (which is defeating the entire "Ajax" idea I
think.), it works. The new list is painted
> target.get().add(getPage());
If I add only the feedback panel, it is is painted.
> target.get().add(feedbackPanel);
If I add both, the feedbackpanel is not painted... Go