6 Replies Latest reply on Apr 3, 2012 4:21 AM by umesh.sehgal

    Question around the richfaces scripts and styles

    umesh.sehgal

      Hi,

       

      I'm using richfaces components in my application and I see that with every Ajax request made to the server, the response contains a specific script and stylesheet ( /richfaces/renderkit/html/scripts/tooltip.js.jsf and /richfaces/renderkit/html/css/tooltip.xcss/DATB/eAF7sqpgb-jyGdIAFrMEaw__.jsf), but I'm not sure what they are for.

       

      Can someone please put some light on what these artifacts are for and if it would make any difference if under certain cases these are not included in response.

       

      The reasons I want to know this is because, when we run a penetration testing tool against our application, under one specific scenario these two artifacts are not part of the response, and because of that the tool reports the web page as vulnerable to security break.We really need to figure out as why these artifacts go missing in that response

       

      Any help would be highly appreciated.

       

      Thanks,

      Umesh