XSS Validation Continues To Run After Disabling XSSParameterValidator (Doc ID 2140107.1)

Last updated on MARCH 02, 2017

Applies to:

Oracle Commerce Platform - Version 11.2 and later
Information in this document applies to any platform.

Symptoms


After disabling (enabled=false) the /atg/dynamo/servlet/security/XSSParameterValidator, the XSSParameterValidator continues to validate ̣XSS

 

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms