Online Help Security Scan Issue

Post Reply
cynthiad
Propeller Head
Posts: 18
Joined: Tue May 23, 2017 8:02 am

Online Help Security Scan Issue

Post by cynthiad »

HI,
I have a security issue.

We did a Vericode scan and the scan showed that the online documentation threw 27 Cross-Site Scripting errors. They all dealt with one javascript file which contains a JQuery cookie reference. We believe it’s the JQuery cookie reference that’s causing the Cross-Site Scripting errors.

Have you seen this issue? Can it be resolved?

Thanks,
Cynthia Didio
Nita Beck
Senior Propellus Maximus
Posts: 3667
Joined: Thu Feb 02, 2006 9:57 am
Location: Pittsford, NY

Re: Online Help Security Scan Issue

Post by Nita Beck »

What version of Flare are you using? The latest update (Flare 2018 r2), which came out a few days ago, apparently has fixed something having to do with security.

Release notes are here: [url]https://kb.madcapsoftware.com/Content/F ... s.htm//url]

A number of the bug fixes address cross-site scripting.

HTH
Nita
Image
RETIRED, but still fond of all the Flare friends I've made. See you around now and then!
cynthiad
Propeller Head
Posts: 18
Joined: Tue May 23, 2017 8:02 am

Re: Online Help Security Scan Issue

Post by cynthiad »

Nita,
I am using doc-2-help 2014 not Flare. Is this a known issue that can be fixed?
Thanks,
Cynthia Didio
Nita Beck
Senior Propellus Maximus
Posts: 3667
Joined: Thu Feb 02, 2006 9:57 am
Location: Pittsford, NY

Re: Online Help Security Scan Issue

Post by Nita Beck »

Oh, I’m sorry. I wasn’t paying attention...

I actually have no idea about Doc-To-Help and suggest that you take this up with MadCap tech support, if you’re able.
Nita
Image
RETIRED, but still fond of all the Flare friends I've made. See you around now and then!
cynthiad
Propeller Head
Posts: 18
Joined: Tue May 23, 2017 8:02 am

Re: Online Help Security Scan Issue

Post by cynthiad »

Nita,
Please provide the tech support number. I appreciate it.

Cynthia Didio
SKamprowski
Sr. Propeller Head
Posts: 277
Joined: Fri Feb 13, 2015 8:25 am
Location: Germany

Re: Online Help Security Scan Issue

Post by SKamprowski »

Hi,

I suggest to do a test with current DocToHelp Version i.e. V5. I assume it doen't matter when you try it with a test Installation, best on another machine.
Kind regards,
Sabine Kamprowski
DocToHelp MVP (by ComponentOne)
SKamprowski
Sr. Propeller Head
Posts: 277
Joined: Fri Feb 13, 2015 8:25 am
Location: Germany

Re: Online Help Security Scan Issue

Post by SKamprowski »

Hi,

I suggest to do a test with current DocToHelp Version i.e. V5. I assume it doen't matter when you try it with a test Installation, best on another machine.
Kind regards,
Sabine Kamprowski
DocToHelp MVP (by ComponentOne)
cynthiad
Propeller Head
Posts: 18
Joined: Tue May 23, 2017 8:02 am

Re: Online Help Security Scan Issue

Post by cynthiad »

Nita,
Please just send me the tech support number. I will work with them. I appreciate it.
SKamprowski
Sr. Propeller Head
Posts: 277
Joined: Fri Feb 13, 2015 8:25 am
Location: Germany

Re: Online Help Security Scan Issue

Post by SKamprowski »

You may find the phone number here….
https://www.doctohelp.com/support/contact-options.aspx
And I'm sorry for my duplicated last reply.
Kind regards,
Sabine Kamprowski
DocToHelp MVP (by ComponentOne)
cynthiad
Propeller Head
Posts: 18
Joined: Tue May 23, 2017 8:02 am

Re: Online Help Security Scan Issue

Post by cynthiad »

Nita,
Thank you for sending the information!
Nita Beck
Senior Propellus Maximus
Posts: 3667
Joined: Thu Feb 02, 2006 9:57 am
Location: Pittsford, NY

Re: Online Help Security Scan Issue

Post by Nita Beck »

Thank Sabine, not me! She’s our resident DocTo-Help guru.
Nita
Image
RETIRED, but still fond of all the Flare friends I've made. See you around now and then!
Post Reply