SAP Note 891232 - BSP Security Relevant Changes

Component : Business Server Pages -

Solution : https://service.sap.com/sap/support/notes/891232 (SAP Service marketplace login required)

Key words :
programming aspects sap note 887168 bsp page directive <%@page forceencode=, sap note 853878 http whitelist check                     features added, http header errors sap note 887322 whitelist checks, productive systems sap note 517484 inactive services, http header related problems solution, page directive <%@page forceencodeotr=, xss sap note 887323 html encoding, sap note 887164 bsp test applications, sap note 822881 xss support, http header errors

Related Notes :

1411659
944279BSP Page Directive <%@page forceEncodeOtr="html"%> and <OTR>
887323HTML Encoding of Error Messages
887322Whitelist checks of sap-exit URL
887168BSP Page Directive <%@page forceEncode="html"%> & <%html=%>
887164BSP Test Applications in Production Systems
853878HTTP WhiteList Check (security)
822881XSS Support for BSP-Extensions HTMLB, XHTMLB and PHTMLB
517484Inactive services in the Internet Communication Framework