My Oracle Support Banner

XSS Validation Continues To Run After Disabling XSSParameterValidator (Doc ID 2140107.1)

Last updated on MARCH 02, 2017

Applies to:

Oracle Commerce Platform - Version 11.2 and later
Information in this document applies to any platform.


After disabling (enabled=false) the /atg/dynamo/servlet/security/XSSParameterValidator, the XSSParameterValidator continues to validate ̣XSS




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.