Highlighted

How to modify the contents of javascript files through RoboHelp.

New Here ,
Jun 22, 2020

Copy link to clipboard

Copied

I have a class named eHelpDhtm.js, which is dynamically generated by RoboHelp and I can't modify this file.

If I will modify these file contents then  next time when this tool will run then changes will be overwritten.

My issue is :

when I am scanning my whole project through checkmark, I am seeing vulnerability related to DOM XSS attack.
Below is my code snippet:


function PopupMenu_InvokeReady()
{
if (gbWndPopupLinks != null) {
gbWndPopupLinks.document.open("text/html");
gbWndPopupLinks.document.write("<html><head>");
if (gbBsNS2) {
gbWndPopupLinks.document.write("<base href=\"" + location +"\">");
}
return true;
}

Here the faulty line of code is:

gbWndPopupLinks.document.write("<base href=\"" + location +"\">");

I want to change it like below through RoboHelp:

gbWndPopupLinks.document.write("<base href=\"" + HttpUtility.HtmlEncode(location) +"\">");

If RoboHelp will generate above changes then my issue will be resolved.

Can anyone please help me ?

Topics

Bug, Community Information, How to

Views

31

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

How to modify the contents of javascript files through RoboHelp.

New Here ,
Jun 22, 2020

Copy link to clipboard

Copied

I have a class named eHelpDhtm.js, which is dynamically generated by RoboHelp and I can't modify this file.

If I will modify these file contents then  next time when this tool will run then changes will be overwritten.

My issue is :

when I am scanning my whole project through checkmark, I am seeing vulnerability related to DOM XSS attack.
Below is my code snippet:


function PopupMenu_InvokeReady()
{
if (gbWndPopupLinks != null) {
gbWndPopupLinks.document.open("text/html");
gbWndPopupLinks.document.write("<html><head>");
if (gbBsNS2) {
gbWndPopupLinks.document.write("<base href=\"" + location +"\">");
}
return true;
}

Here the faulty line of code is:

gbWndPopupLinks.document.write("<base href=\"" + location +"\">");

I want to change it like below through RoboHelp:

gbWndPopupLinks.document.write("<base href=\"" + HttpUtility.HtmlEncode(location) +"\">");

If RoboHelp will generate above changes then my issue will be resolved.

Can anyone please help me ?

Topics

Bug, Community Information, How to

Views

32

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Have something to add?

Join the conversation