https://www.infopathdev.com:443/forums/41.aspxIf you're not sure where to ask your question, ask it here. If necessary, our moderators will make sure it gets classified in the correct board.enCommunityServer 2007 SP3 (Build: 31118.962)https://www.infopathdev.com:443/forums/thread/6602.aspxThu, 17 Mar 2005 05:17:23 GMT033a2e2d-04e2-4a9d-be01-a4634161eefd:6602Sudheer0https://www.infopathdev.com:443/forums/thread/6602.aspxhttps://www.infopathdev.com:443/forums/commentrss.aspx?SectionID=41&PostID=6602Anybody has ever faced this issue.https://www.infopathdev.com:443/forums/thread/4588.aspxWed, 16 Mar 2005 04:34:54 GMT033a2e2d-04e2-4a9d-be01-a4634161eefd:4588Sudheer0https://www.infopathdev.com:443/forums/thread/4588.aspxhttps://www.infopathdev.com:443/forums/commentrss.aspx?SectionID=41&PostID=4588In our tool, Infopath has been used in integration with WebApplication. On button click in Aspx page I am opening an infopath and Data editing is totally using Infopath and after submission of data in infopath showing the same content in readonly mode in aspx. <br /><br />So in this scenario, when I enter some junk like( &lt;script&gt; alert(“a”) &lt;/script&gt;) in one of editable controls and submit data in infopath and try to see the data in aspx page getting the alert Message. So Cross-site scripting(Injection ) is happening. Is there any direct way to restrict this type of validation. <br /><br />Can any body please suggest how I can handle this scenario. It stood as blocking Security Bug.<br />I am using Jscript for Coding with infopath.<br /><br />Any ideas can be appreciated.<br /><br />Thanks in Advance<br />