Skip to Content
avatar image
Former Member

lafPath variable in standard portal


    I am looking at html code from standard page in Portal as following :


<TITLE>SAP Enterprise Portal</TITLE>

<script language="javascript">

var lafPath = getParameter("lafPath");

var lafFile1Path = lafPath + "/themes/portal/sap_standard/ctrl/ctrl_ie5.css";

var lafFile2Path = lafPath + "/themes/portal/sap_standard/prtl/prtl_ie5.css";

var lafFile3Path = lafPath + "/themes/portal/sap_standard/prtl_std/prtl_std_ie5.css";

document.write("<LINK REL=stylesheet HREF=\"" + lafFile1Path + "\">");

document.write("<LINK REL=stylesheet HREF=\"" + lafFile2Path + "\">");

document.write("<LINK REL=stylesheet HREF=\"" + lafFile3Path + "\">");



I have no idea where the variable is set. Can you advise me.

Thank you,


Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Best Answer
    avatar image
    Former Member
    Apr 10, 2012 at 07:12 AM

    Hi Noppong,

    The script https://<hostname>/irj/portalapps/

    tml accepts user input as variable lafPath. This variable appears to be

    being inserted directly into a Javascript request for a further URL

    without sufficient input validation.



    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Noppong Jinbunluphol,

      I am not sure if these notes will help you , but please have a look.

      Please read the following notes and check if you are in the correct SP and patch:-

      1615941 - Portal XSS Encoding Library - StringUtils

      866020  - SAP encoding functions in the Web environment

      1601461 - Update #1 to Security Note 866020

      1590008 - JAVA output encoding