You have been contracted to create a web site for a free dating service. One feature is the ability
for one client to send a message to another client, which is displayed in the latter client’s private
page. Your contract explicitly states that security is a high priority. Therefore, you need to prevent
cross-site hacking in which one user inserts JavaScript code that is then rendered and invoked
when another user views that content. Which two JSTL code snippets will prevent cross-site
hacking in the scenario above? (Choose two.)
A.
<c:out>${message}</c:out>
B.
<c:out value=’${message}’ />
C.
<c:out value=’${message}’ escapeXml=’true’ />
D.
<c:out eliminateXml=’true’>${message}</c:out>
E.
<c:out value=’${message}’ eliminateXml=’true’ />
Explanation: