Jan 16, 2015, 9:03 PM
[CLOSED] XSS encoding
When I set the title for a panel to be
<script>alert('hi');</script>
the title doesn't show up but I dont get an alert either. This makes me think Ext.NET or ExtJS is doing some encoding for XSS. Is that correct? And is that something added recently?
Last edited by Daniil; Jan 19, 2015 at 2:19 PM.
Reason: [CLOSED]