Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
C
C
cyberlain2021-01-29 18:22:11
1C-Bitrix
cyberlain, 2021-01-29 18:22:11

Question for bitrix programmers: how did you solve problems with Cross-Site Scripting?

Launched a security scanner that revealed problems of this kind

Cross-Site Scripting
File: /home/bitrix/ext_www/sitename/bitrix/templates/market_column_1/bxready/library/elements/ecommerce_v1/element.php

303: echo $_COOKIE['_ym_uid']
Необходимые условия:
90: if($arElement['IBLOCK_SECTION_ID'] !== "869")
Аналогично:
311: echo $_COOKIE['_ym_uid']
319: echo $_COOKIE['_ym_uid']


and the static analyzer dug up 10 such jambs.

What does this mean and how do you deal with it?

ps: I wish you all good health, a lot of love and money, and not to face Bitrix yet

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexey Emelyanov, 2021-01-29
@babarun

You are parsing a third party custom template, not the core, so the question should be addressed to them.

Similar questions
N
Natalia2020-10-15 17:24:46
How to change the phrase in the product card in Bitrix? 2Reply
S
Skinner2020-10-16 12:53:04
How to set up sorting for displaying pictures in bitrix? 1Reply
P
photosho2020-10-16 16:11:02
Why Trade Offers may not be displayed in the list of products? 1Reply
I
Irek Sitdikov2016-07-27 17:17:46
How to reset bitrix:main.interface.grid user settings? 1Reply
M
my_username2016-07-28 13:08:57
How to edit less files through the Bitrix admin panel? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question