You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by "Jacques Le Roux (Jira)" <ji...@apache.org> on 2021/07/03 17:39:00 UTC
[jira] [Comment Edited] (OFBIZ-12273) IndexOutOfBoundsException on
Entity Import
[ https://issues.apache.org/jira/browse/OFBIZ-12273?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17374104#comment-17374104 ]
Jacques Le Roux edited comment on OFBIZ-12273 at 7/3/21, 5:38 PM:
------------------------------------------------------------------
Hi guys,
I have fixed your issues https://github.com/apache/ofbiz-framework/commit/0effce0
Please check it's OK with you and you don't see any possible vulnerabilities, TIA
If it's OK I'll backport and close
was (Author: jacques.le.roux):
Hi guys,
I have fixed your issues https://github.com/apache/ofbiz-framework/commit/0effce0
Please check it's OK with you and you don't see any possible vulnerabilities, TIA
If it's OK I'll close
> IndexOutOfBoundsException on Entity Import
> ------------------------------------------
>
> Key: OFBIZ-12273
> URL: https://issues.apache.org/jira/browse/OFBIZ-12273
> Project: OFBiz
> Issue Type: Bug
> Affects Versions: 18.12.01, Release Branch 17.12, Trunk
> Reporter: Sebastian Berg
> Assignee: Jacques Le Roux
> Priority: Major
>
> I get an IndexOutOfBoundsException when using the EntityImport.
> The problem occurs while having a resemblance of an url in the data.
> For example '
> screenPath="component://project/widget/project/ContentScreens.xml#main-page-template"' is interpreted as url because of '://' but doesn't match a valid url pattern.
> The problem seems to be directly connected to Issue 12249. I think the used pattern in UtilHttp.exctractUrl() should at least be configureable like the customSafePolicy. [~jleroux] maybe you can have a look since you implemented the changes.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)