You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by ra...@apache.org on 2019/01/25 11:46:11 UTC
[sling-org-apache-sling-xss] branch issue/SLING-8235 created (now
f63b4b7)
This is an automated email from the ASF dual-hosted git repository.
radu pushed a change to branch issue/SLING-8235
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-xss.git.
at f63b4b7 SLING-8235 - Stop copying the AntiSamy configuration to the repository
This branch includes the following new commits:
new 6b940f2 SLING-4705 - Move the XSS Protection bundle from contrib to bundles
new c5d1f8a SLING-4525 - XSS protection path mangling issue
new f5f07e2 SLING-4557 - Add JSON and XML validation to the XSS Protection API
new 1317012 SLING-4584 - Performance: XSSAPI.getValidHref should not be based on HTML filtering
new 6ce38f5 Update to Sling Parent 23
new fd5d9da Remove superflous sling.java.version=6 as it's the default now
new adbf4a3 set parent version to 24 and add empty relativePath where missing
new 975919c SLING-4403 - XSS Configuration should allow caption tags
new c5f9c4b SLING-4584 - Performance: XSSAPI.getValidHref should not be based on HTML filtering
new d40b15a trivial: corrected JavaDoc for Java 1.8
new 5c7e57a trivial: updated README
new 0568c80 [maven-release-plugin] prepare release org.apache.sling.xss-1.0.4
new 6824eb3 [maven-release-plugin] prepare for next development iteration
new 5955108 SLING-5050 - Disable AntiSamy's default formatOutput policy directive
new bffec24 Update the main reactor to parent 25
new ccb7f2e [maven-release-plugin] prepare release org.apache.sling.xss-1.0.6
new fbb32c9 [maven-release-plugin] prepare for next development iteration
new ff1b5b6 Switch to parent pom 26
new 4322eb2 SLING-5445 - XSSAPI#encodeForJSString is too restrictive
new d826d17 [maven-release-plugin] prepare release org.apache.sling.xss-1.0.8
new d023a5d [maven-release-plugin] prepare for next development iteration
new 574a139 SLING-5761 - adding double validator
new 194f72f SLING-5761 add Double XSS validator
new bf2fb9b SLING-5946 - XSSAPI#encodeForJSString is not restrictive enough
new dbd0f80 [maven-release-plugin] prepare release org.apache.sling.xss-1.0.10
new 63f9a33 [maven-release-plugin] prepare for next development iteration
new eebb84b SLING-5954 - Disable non-essential features in XML parser
new 3ca3f82 [maven-release-plugin] prepare release org.apache.sling.xss-1.0.12
new c47f4af [maven-release-plugin] prepare for next development iteration
new e3b4794 SLING-4560 - XSSAPI#getValidHref is empty for valid Bengali or Hindi characters
new 5ae47ae Add a Include-Resource statement for LICENSE and NOTICE so that the binary jar contains the proper META-INF/LICENSE and META-INF/NOTICE files from the root.
new 4a797dc SLING-4560 - XSSAPI#getValidHref is empty for valid Bengali or Hindi characters
new ea5afcc SLING-6010 - Correctly include LICENSE and NOTICE files in both source and binary jars
new 317434d [maven-release-plugin] prepare release org.apache.sling.xss-1.0.14
new 651817e [maven-release-plugin] prepare for next development iteration
new eab352f SLING-6007 : XSSFilterImpl should move to new ResourceChangeListener API . Apply slightly modified patch from abdul hameed pathan
new 29f9333 SLING-6007 - XSSFilterImpl should move to new ResourceChangeListener API
new ea1bb8e SLING-5234 - Remove getAdministrativeResourceResolver() usage from org.apache.sling.xss
new b023c61 [maven-release-plugin] prepare release org.apache.sling.xss-1.0.16
new 85cec8f [maven-release-plugin] prepare for next development iteration
new e03f173 SLING-6507 Remove (sub) service user from XSSFilterImpl
new a7fa575 SLING-6509 Use ServiceUserMapped to ensure presence of service user mapping
new c517699 [maven-release-plugin] prepare release org.apache.sling.xss-1.0.18
new 45db58c [maven-release-plugin] prepare for next development iteration
new 0753822 use Sling Parent 30
new c4a9ef2 add missing Felix SCR and bnd annotations
new aa32355 SLING-6685: Replace commons.json usage in org.apache.sling.xss
new 3ab7e42 SLING-6685: Switch to geronimo provider for javax.json api.
new 4cebc26 SLING-6754 - The XSS bundle doesn't provide any services
new 52bfbf3 SLING-6754 - The XSS bundle doesn't provide any services
new 70d7f5e Cosmetics: make field final
new 8a91f41 Cosmetics: remove static from logger, remove unnecessary null assignment, make validator final
new 19cdc66 Cosmetics: remove unnecessary null assignment, make map final, remove unnecessary static from fields
new d07bb42 Add service.vendor property
new dc8a22b SLING-6794 : Inconsistent handling of default configuration
new 389a75f Remove the JSONUtil class altogether as we don't want to migrate it to the new javax.json (SLING-6685).
new a52e165 Remove unused methods from XSSAPI and drop XSSAPIAdapterFactory (SLING-6793).
new ee73687 SLING-6810 : Exclude JavaEE packages
new 0cc9ff4 Remove some unnecessary import statements (SLING-6793)
new e9b24cc Update xss bundle to commons.johnzon 1.0.0
new cf7569c [maven-release-plugin] prepare release org.apache.sling.xss-2.0.0
new 78b7cf8 [maven-release-plugin] prepare for next development iteration
new 143835a SLING-7167 Adjust READMEs
new 1b1e969 SLING-7162 - Update SCM information in all POM files to reference Git
new 4833966 Fix typo in pom.xml : conncetion should be connection
new 3dd559c SLING-7214 - Add the LICENSE file to every module
new 5b7c98b SLING-7213 - Add a default .gitignore file to every module
new 3330a18 SLING-7323 - Optimise URL handling
new 7c7aae7 [maven-release-plugin] prepare release org.apache.sling.xss-2.0.2
new 11011d5 [maven-release-plugin] prepare for next development iteration
new ec6764d SLING-7323 - Optimise URL handling
new 7bc4d78 [maven-release-plugin] prepare release org.apache.sling.xss-2.0.4
new 4c118bd [maven-release-plugin] prepare for next development iteration
new a22e1f3 SLING-7476 - Exceptions should be logged correctly
new 7265c51 [maven-release-plugin] prepare release org.apache.sling.xss-2.0.6
new 257e709 [maven-release-plugin] prepare for next development iteration
new 43947bd Updating badges for org-apache-sling-xss
new bfee439 SLING-7741 - org.apache.sling.xss.impl.XSSAPIImpl#getValidHref doesn't correctly handle the ":" character in URL fragments
new 778794d SLING-7758 - [XSS] Enable support for data attributes
new 593747b [maven-release-plugin] prepare release org.apache.sling.xss-2.0.8
new 1794b83 [maven-release-plugin] prepare for next development iteration
new 61dd6a9 SLING-7766 - Optimise the way the AntiSamy configuration is read
new 5d74f0d SLING-7770 - URLs ending in "/" get filtered by AntiSamy
new b2c44af SLING-7771 - org.apache.sling.xss.impl.XSSFilterImpl#isValidHref can throw exceptions for illegal hex escape sequences
new 3f3c1bd [maven-release-plugin] prepare release org.apache.sling.xss-2.0.10
new 787580b [maven-release-plugin] prepare for next development iteration
new 4a90915 SLING-7777 - XSSFilter is rejecting URLs containing only queries or fragments
new 271bfe5 SLING-7801 - Optimise AntiSamy logging for null input in org.apache.sling.xss.impl.HtmlToHtmlContentContext
new c60641b [maven-release-plugin] prepare release org.apache.sling.xss-2.0.12
new 6e4c385 [maven-release-plugin] prepare for next development iteration
new 714ae03 SLING-7814 - URLs with JCR namespaces can get double encoded by XSSAPI.getValidHref
new 0d2d832 SLING-7798 Switch from JSR-305 annotations to JetBrains Nullable/NotNull annotations
new fbd0506 SLING-7216 - [nice-to-have] Add a CODE_OF_CONDUCT file to every module
new aed7d39 SLING-7215 - [nice-to-have] Add a CONTRIBUTING file to every module
new 4434f30 trivial: added license header to *.md files
new c5d96e9 [maven-release-plugin] prepare release org.apache.sling.xss-2.0.14
new f21410e [maven-release-plugin] prepare for next development iteration
new f63b4b7 SLING-8235 - Stop copying the AntiSamy configuration to the repository
The 98 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.