SAP STRING FUNCTION ESC XSS ABEXA

Get Example source ABAP code based on a different SAP table

VX_EXA_ONLY

ABAP_STRINGFUNC - escape for XSS
This example demonstrates the string function escape for preventing XSS.

ABAP_SOURCE_CODE
DEMO CL_DEMO_XSS

ABAP_DESCRIPTION
A search term can be entered in a dialog box. An output window provides a search function in the ABAP keyword documentation and with an external search engine. By default, the input is escaped using the function escape and the format cl_abap_format=>e_xss_ml. This prevents cross site scripting (XSS).
The function can be disabled for specific input to demonstrate the effects of an XSS attack. The input makes the links on the output window and the following input field unusable. More harmful functions could be used instead of the JavaScript function alert, but are not allowed in this example.