Skip to Content
avatar image
Former Member

Handle escape xml ( from ABAP ) data in Javascript

Hi Colleagues,

Currently in our application the communication between ABAP back-end and UI layer we are using XML format as data exchange between them .

To remove the XSS security vulnerability we are using escape API as mentioned in the link SAP Encoding Functions for AS ABAP - Secure Programming - SAP Library

The sample snippet is shown below

CALL METHOD server->response->set_header_field(

         name  = if_http_header_fields=>content_type

         value = 'text/plain' ).

    lv_response = escape( val = lv_response_xml_data format = cl_abap_format=>e_xss_ml ).

     "Now Send the actual data

     server->response->set_cdata( data = lv_response ).


Now what in UI layer we are using unescape API in JS to retrieve the incoming XML content . But the this is not happening . Can you help me here ?

Best Regards,


Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    avatar image
    Former Member
    Nov 03, 2015 at 11:43 AM

    The issue is solved now after using regular expression in UI layer .

    Add comment
    10|10000 characters needed characters exceeded