Adobe Exam AD0-E704 Topic 4 Question 42 Discussion

Actual exam question for Adobe's AD0-E704 exam

Question #: 42
Topic #: 4

In a phtml, you added script tag and defined couple of js variables as below:Now to protect it from XSS attacks, which two methods allow you to keep the php variable output XSS-safe?Choose 2

A$block->escapeUrl($myUrl)

B$block->escapeJs($myName)

C$block->escapeHtmlAttr($myName)

D$block->escapeHtmlAttr($myUrl)

Show Suggested Answer

Suggested Answer: A

by Frederick at Jul 10, 2024, 02:55 AM

Limited Time Offer

25%

Off

Get Premium AD0-E704 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Linwood

8 days ago

I'm not sure about the answer. Can someone explain why D) $block->escapeHtmlAttr($myUrl) is not one of the methods to keep the php variable output XSS-safe?

upvoted 0 times

...

Allene

9 days ago

I agree with Dean. I also think C) $block->escapeHtmlAttr($myName) is another method to protect against XSS attacks.

upvoted 0 times

...

Dean

10 days ago

I think A) $block->escapeUrl($myUrl) is one method to keep the php variable output XSS-safe.

upvoted 0 times

...

Lashaun

11 days ago

I'm not sure about the answer. Can you explain why escapeUrl and escapeHtmlAttr are the right methods to use for protecting against XSS attacks?

upvoted 0 times

...

Pura

17 days ago

I think the correct answers are B and C. Escaping the JavaScript variables is important to prevent XSS attacks.

upvoted 0 times

...

Jamey

20 days ago

I agree with Gracia. Using escapeUrl and escapeHtmlAttr functions will help prevent XSS attacks in the phtml file.

upvoted 0 times

...

Gracia

25 days ago

I think A) $block->escapeUrl($myUrl) and C) $block->escapeHtmlAttr($myName) are the correct methods to keep the php variable output XSS-safe.

upvoted 0 times

...