Java Script in Mendix Textboxes

Hi, Mendix textboxes allows java script to be inserted into them. Is there a way to prevent java script from being added in text boxes. This is required as a part of security compliance. Thanks, Aravind
1 answers

Although Mendix does allow JavaScript as input and allows it to be saved in the database, the standard Mendix widgets ensure this JavaScript is not executed in the user's browser. Therefore, as long as you use the default widgets, you should be safe.


If you use custom widgets, this JavaScript might be executed. There are two server side measures you can take to protect against this:

 * Use the XSSSanitize option from the CommunityCommons module. This strips a string of unwanted JavaScript.

 * Create a custom validation which detects JavaScript and disallow saving.