SAP Note 887168 - BSP Page Directive <%@page forceEncode="html"%> & <%html=%>

Component : Business Server Pages -

Solution : https://service.sap.com/sap/support/notes/887168 (SAP Service marketplace login required)

Key words :
>  <input type=submit></form></body></html>, symptom xss attacks typically happen, bsp compiler automatically html encode, %><html><body><form>  <% data, ></form></body></html>important, content forceencode=enabled> attribute, >  <input type=submit>  <, %>  <input type=text, <input type=text, make life easier

Related Notes :

1411659
944279BSP Page Directive <%@page forceEncodeOtr="html"%> and <OTR>
891232BSP Security Relevant Changes
822881XSS Support for BSP-Extensions HTMLB, XHTMLB and PHTMLB