WARNING: I am a newbie, so some of this may seem pretty disjointed. I've been going through the "Apache OFBiz Development: The Beginners Tutorial" book. I know that my first problem was that the book is written for the release 4.0, and I'm working in 9.04. I thought resolving the discrepancies would be a valuable part of my education.
Here's the problem I'm dealing with: My HTML tags are showing up when they shouldn't be. I'm smart enough to figure out that this relates the to XSS countermeasures that you guys are rolling out. I've been searching the forums, but all I find for guidance is a bunch of threads about how to suppress the countermeasures (I'll admit that I probably don't have the vocabulary to search intelligently). I don't want to do that; I just want to figure out how to make it work the way you've designed it. Can someone PLEASE walk me through a real-world example? I went into the OOTB code looking for a model and found that the blog capability in the ecommerce app hasn't been retrofitted yet - the HTML tags are showing up in "Big Al's" blog just like they do in my practice app. I'm asking for one of two things: Please either tell me the steps I would take to fix Big Al's blog or direct me to a comparable file where I can do side-by-side comparison of new world (literals escaped) vs. old world (Big Al). Thank you very much in advance for any help you can provide. Judd -- View this message in context: http://www.nabble.com/XSS-Exploit-Countermeasures---Escaping-Characters-tp23974171p23974171.html Sent from the OFBiz - User mailing list archive at Nabble.com.
