amansukhani

Hi, My URL to the XML content is relative. I am using a parameter in the URL that refers to an absolute path. This is there just to help me generate the XML content. Why should this be disallowed? My URL is of the form - /viewer/extract?__extractextension=flashchartsxml&__instanceid=%2F0.14&__document=D%3A%5CFusionCharts_Project%5Cruntime-3_25%5Ctest.text&__locale=en_US&__bookmark=%23 I am encoding this URL using escape(url) before setting the dataurl Thanks.

Hi, I am using dataURL method to supply XML required by fusion charts. My URL contains parameters that I need in order to create the XML and one of these refers to a physical file location and has the full path - C:myprojectstest.txt. Because of this colon present in the URL I see the following error - A colon character was found in dataURL, which can be potentially dangerous as it allows XSS attacks. Re-setting dataURL to Data.xml. If you're using absolute URLs (like http://domain.com/...) to provide dataURL, please convert it to relative path for increased security. Is there a way to work around this? Thanks.