Try OpenEdge Now
skip to main content
Server Administrator's Guide
Business Process Server web security : XSS handler implementation : Sanitizing plain text

Sanitizing plain text

The plain text is sanitized by escaping all the unsafe HTML characters such as '>', '<' and '"' characters using the Apache StringEscapeUtils. You can change this behavior by modifying the unmatched-content-type-action attribute for the tag Element-detection-pattern under the XSS conditions.