Details
-
Improvement
-
Resolution: Fixed
-
Major
-
14.10.3
-
None
Description
Now that we provided script services for sanitizing html elements and for checking URLs, I'd like to provide a dedicated velocity macro for helping ensuring the URLs are safe in templates.
Attachments
Issue Links
- blocks
-
XWIKI-20341 RXSS in Delete Template via redirect parameter
- Closed
-
XWIKI-20352 RXSS via xredirect parameter in restore template
- Closed
-
XWIKI-20612 RXSS via xredirect parameter in deletespace template
- Closed
-
XWIKI-20614 RXSS via xredirect paramer in DeleteApplication
- Closed
- depends on
-
XCOMMONS-2607 Add a script service for HtmlElementSanitizer
- Closed
-
XWIKI-20549 Provide a new script service API to check trustfulness of an URI
- Closed