Try OpenEdge Now
skip to main content
Server Administrator's Guide
Business Process Server web security : XSS handler implementation : XSS configuration : XSS actions : Action on unaccepted attributes
Action on unaccepted attributes
This configuration specifies what action should be taken on the attributes that are not accepted in the user data. The possible values could be:
REMOVE — Removes the attribute and its value.
THROW_EXCEPTION — Throws exception to the user. This option is not recommended.
ENCODE_VALUE — Encodes the attribute value with base64.
The default value of unaccepted-attribute-action-type is REMOVE.