In our tool, Infopath has been used in integration with WebApplication. On button click in Aspx page I am opening an infopath and Data editing is totally using Infopath and after submission of data in infopath showing the same content in readonly mode in aspx.
So in this scenario, when I enter some junk like( <script> alert(“a”) </script>) in one of editable controls and submit data in infopath and try to see the data in aspx page getting the alert Message. So Cross-site scripting(Injection ) is happening. Is there any direct way to restrict this type of validation.
Can any body please suggest how I can handle this scenario. It stood as blocking Security Bug.
I am using Jscript for Coding with infopath.
Any ideas can be appreciated.
Thanks in Advance