I have added the following line to a template file
link_to("CSV", params.merge(:action => "list", :format => :csv, :filename => filename)
A security assessment tool showed the warning that there is a cross scripting vulnerability asscociated with this.I need to know
1)Why such a vulnerability occur? 2)What is the solution to this problem?
Aucun commentaire:
Enregistrer un commentaire