SAP Knowledge Base Article - Public

2354028 - Validation Error - The "eval()" expression is not allowed


In a number of circumstances the following error may trigger in LMS

eval error.png


SuccessFactors Learning Management System (LMS)


By default the XSS filter prevents data such as "ItemEval (V)" because it contains the javascript trigger "eval()"; the use of which is considered dangerous in general.

SF would recommend you change the related data so as not to include the 'eval()' combination to avoid any possible javascript security vulnerability.

Or if you have to keep the ids like that, you could disable the below xss rule from the Configuration > System Configuration > WEB_SECURITY > set secRules.eval.enabled=false

This would not be the SF recommended choice but it is an option.


XSS filter; Validation error; eval(); javascript trigger; secRules.eval.enabled; , KBA , LOD-SF-LMS , SuccessFactors Learning , How To


SAP SuccessFactors Learning all versions