For security reasons, it can be necessary that all output is encoded using HtmlEncode and UrlEncode, both in front end and server end.
Is Qlik Sense on Windows compliant with this requirement?
Is Qlik Cloud as well?
Environment
- Qlik Cloud
- Qlik Sense on Windows all supported versions
Resolution
Qlik Sense on Windows and Qlik Cloud perform output encoding as per OWASP recommendations for different contexts (including but not limited to URLEncode, HTMLEncode, etc.) for the content that is rendered by the engine. See this as a reference.
Internal Investigation ID
QB-11100