Configuring Output Filtering

ENOVIA Business Process Services can protect against XSS (cross-site scripting) by implementing an output filter that encodes scripts that could contain malicious or untrusted data. This output filter also supports special characters, such as &.

  • Create a startup script that includes the following command:

    set JAVA_OPTS=%JAVA_OPTS% -Dorg.owasp.esapi.resources=<path>

    The <path> should be the physical path location of the following files:

    • antisamy-esapi.xml
    • ESAPI.properties
    • validation.properties

    These files are distributed in enovia/xss by default.
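
A startup script can confirm that the three files are present before it adds the option. The script below is an added example, not part of the ENOVIA documentation; the ESAPI_DIR value is a placeholder to replace with the real physical path, and the MISSING variable is illustrative. It assumes the path contains no spaces or parentheses.

```batch
@echo off
rem Added example: check the ESAPI resource directory, then set JAVA_OPTS.
rem ESAPI_DIR is a placeholder; point it at the directory holding the files
rem (they are distributed in enovia/xss by default).
setlocal
set "ESAPI_DIR=C:\path\to\enovia\xss"
set "MISSING="

rem Each of the three files named above must exist in ESAPI_DIR.
for %%F in (antisamy-esapi.xml ESAPI.properties validation.properties) do (
    if not exist "%ESAPI_DIR%\%%F" (
        echo Missing ESAPI resource: %ESAPI_DIR%\%%F
        set "MISSING=1"
    )
)

rem Stop with a non-zero exit code rather than start with a partial setup.
if defined MISSING (
    echo Output filter configuration is incomplete. JAVA_OPTS left unchanged.
    endlocal
    exit /b 1
)

rem Both variables expand before endlocal runs, so the value survives it.
endlocal & set "JAVA_OPTS=%JAVA_OPTS% -Dorg.owasp.esapi.resources=%ESAPI_DIR%"
```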