Uploaded image for project: '{RETIRED} XWiki Administration Application'
  1. {RETIRED} XWiki Administration Application
  2. XAADMINISTRATION-80

Use escaping to prevent XSS rather than blocking unexpected requests.

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Minor
    • 1.24
    • 1.23
    • Users, Groups, Rights
    • None

    Description

      Switch from blocking requests which may be the result of malformed links to escaping the content which is taken from request parameters and put into form fields.

      Attachments

        Activity

          People

            calebjamesdelisle CalebJamesDeLisle
            calebjamesdelisle CalebJamesDeLisle
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: