You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Carsten Ziegeler (Jira)" <ji...@apache.org> on 2022/02/07 15:53:00 UTC

[jira] [Resolved] (SLING-11128) Escape tenant id

     [ https://issues.apache.org/jira/browse/SLING-11128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Carsten Ziegeler resolved SLING-11128.
--------------------------------------
    Resolution: Fixed

Fixed in https://github.com/apache/sling-org-apache-sling-tenant/commit/86af378cba3648e8356bcbc91a5d4a84304eb1fc by using the XSSAPI to escape the id.
In addition, updated to latest parent pom and fixed a bug in getting a tenant based on the id if the id contains special characters

> Escape tenant id
> ----------------
>
>                 Key: SLING-11128
>                 URL: https://issues.apache.org/jira/browse/SLING-11128
>             Project: Sling
>          Issue Type: Improvement
>          Components: General
>    Affects Versions: Tenant 1.1.4
>            Reporter: Carsten Ziegeler
>            Assignee: Carsten Ziegeler
>            Priority: Major
>             Fix For: Tenant 1.1.6
>
>
> The id of a tenant is not properly escaped in all place (printForm is missing). This can lead to corrupted html



--
This message was sent by Atlassian Jira
(v8.20.1#820001)