You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Karl Pauls (JIRA)" <ji...@apache.org> on 2017/03/22 15:51:41 UTC

[jira] [Updated] (SLING-6685) Replace commons.json usage in org.apache.sling.xss

     [ https://issues.apache.org/jira/browse/SLING-6685?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Karl Pauls updated SLING-6685:
------------------------------
    Attachment: SLING-6685.patch

This one is a tricky one. The patch does replace the usage with johnzon - however, the xss impl used the org.json code to parse not wellformed json and return it as wellformed json. 

The johnzon parser only supports wellformed json so it throws exceptions much earlier. For that reason, one of the tests in this bundle does fail after applying the patch. 

The question is if we need to use some different for the parsing (and keep the functionality) or whether we think this is ok and correct the test?

> Replace commons.json usage in org.apache.sling.xss
> --------------------------------------------------
>
>                 Key: SLING-6685
>                 URL: https://issues.apache.org/jira/browse/SLING-6685
>             Project: Sling
>          Issue Type: Sub-task
>          Components: XSS Protection API
>    Affects Versions: XSS Protection API 1.0.18
>            Reporter: Karl Pauls
>            Assignee: Karl Pauls
>             Fix For: XSS Protection API 1.0.20
>
>         Attachments: SLING-6685.patch
>
>




--
This message was sent by Atlassian JIRA
(v6.3.15#6346)