Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
518
Views
5
Helpful
1
Replies

ECE chat API start chat API triggered security warnings

Yugandhar reddy
Level 1
Level 1

‎10-22-2021 07:42 AM

Hi Team,

 
We have implemented an ECE chatbot for one of the customers.
 
Their network team has raised an SQL Injection flag on the communication that happens in start chat.
 
When we initiate a new chat, egain javascript API is looking for l10n/messaging_en_US.properties

 

snippet from egain.js 
// sending messaging_xx_XX.properties file content
body.c('messagingData', '<![CDATA['+this.eGainMessagingProperty+']]>').up();
 
The data is picked from the messaging and appended in XML tag with <![CDATA[ 
 
We need to understand the usage and how do we remove <![CDATA[
0 Helpful
1 Reply 1

dekwan
Cisco Employee
Cisco Employee

‎10-22-2021 09:58 AM

Hi,

 

I am just reply to this so others searching the community will know.

 

The best place way to get help for ECE APIs is by emailing the ECE team at ask-ece-dev@external.cisco.com

 

Thanx,

Denise

Customers Also Viewed These Support Documents