Try OpenEdge Now
skip to main content
Server Administrator's Guide
Business Process Server web security : XSS handler implementation

XSS handler implementation

When enabled, the default implementation of the XSS handler sanitizes the incoming data before accepting it. Sanitization process is different for different types of data such as HTML text and plain text.To identify whether the incoming data is HTML text or plain text, it uses the Element Detection Pattern regular expression as explained in the following sections.
* Sanitizing HTML text
* Sanitizing plain text
* XSS configuration