You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@sling.apache.org by "Carsten Ziegeler (Jira)" <ji...@apache.org> on 2022/02/07 15:53:00 UTC
[jira] [Resolved] (SLING-11128) Escape tenant id
[ https://issues.apache.org/jira/browse/SLING-11128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Ziegeler resolved SLING-11128.
--------------------------------------
Resolution: Fixed
Fixed in https://github.com/apache/sling-org-apache-sling-tenant/commit/86af378cba3648e8356bcbc91a5d4a84304eb1fc by using the XSSAPI to escape the id.
In addition, updated to latest parent pom and fixed a bug in getting a tenant based on the id if the id contains special characters
> Escape tenant id
> ----------------
>
> Key: SLING-11128
> URL: https://issues.apache.org/jira/browse/SLING-11128
> Project: Sling
> Issue Type: Improvement
> Components: General
> Affects Versions: Tenant 1.1.4
> Reporter: Carsten Ziegeler
> Assignee: Carsten Ziegeler
> Priority: Major
> Fix For: Tenant 1.1.6
>
>
> The id of a tenant is not properly escaped in all place (printForm is missing). This can lead to corrupted html
--
This message was sent by Atlassian Jira
(v8.20.1#820001)