Salesforce
CRT-450 · Question #77
CRT-450 Question #77: Real Exam Question with Answer & Explanation
The correct answer is B. ApexPages.currentPage() .getParameters() .get('url_param') .escapeHtml4(). See the full explanation below for the reasoning.
Question
A developer has a Apex controller for a Visualforce page that takes an ID as a URL parameter. How should the developer prevent a cross site scripting vulnerability?
Options
- AApexPages.currentPage() .getParameters() .get('url_param')
- BApexPages.currentPage() .getParameters() .get('url_param') .escapeHtml4()
- CString.ValueOf(ApexPages.currentPage() .getParameters() .get('url_param'))
- DString.escapeSingleQuotes(ApexPages.currentPage() .getParameters(). get('url_param'))
Community Discussion
No community discussion yet for this question.