Which two JSTL code snippets will prevent cross-site hacking in the scenario above?

You have been contracted to create a web site for a free dating service. One feature is the ability
for one client to send a message to another client, which is displayed in the latter client’s private

page. Your contract explicitly states that security is a high priority. Therefore, you need to prevent
cross-site hacking in which one user inserts JavaScript code that is then rendered and invoked
when another user views that content. Which two JSTL code snippets will prevent cross-site
hacking in the scenario above? (Choose two.)

You have been contracted to create a web site for a free dating service. One feature is the ability
for one client to send a message to another client, which is displayed in the latter client’s private

page. Your contract explicitly states that security is a high priority. Therefore, you need to prevent
cross-site hacking in which one user inserts JavaScript code that is then rendered and invoked
when another user views that content. Which two JSTL code snippets will prevent cross-site
hacking in the scenario above? (Choose two.)

A.
<c:out>${message}</c:out>

B.
<c:out value=’${message}’ />

C.
<c:out value=’${message}’ escapeXml=’true’ />

D.
<c:out eliminateXml=’true’>${message}</c:out>

E.
<c:out value=’${message}’ eliminateXml=’true’ />

Explanation:



Leave a Reply 0

Your email address will not be published. Required fields are marked *