You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@wookie.apache.org by "Scott Wilson (JIRA)" <ji...@apache.org> on 2009/12/11 00:38:18 UTC

[jira] Updated: (WOOKIE-76) Consider and mitigate against potential security risks in widget metadata

     [ https://issues.apache.org/jira/browse/WOOKIE-76?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Scott Wilson updated WOOKIE-76:
-------------------------------

    Priority: Minor  (was: Blocker)

> Consider and mitigate against potential security risks in widget metadata
> -------------------------------------------------------------------------
>
>                 Key: WOOKIE-76
>                 URL: https://issues.apache.org/jira/browse/WOOKIE-76
>             Project: Wookie
>          Issue Type: Task
>            Reporter: Scott Wilson
>            Priority: Minor
>             Fix For: 0.8.1
>
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> Before we can make a release we should look at the issue of potential malicious content in widget metadata that gets returned to plugins; in particular the License and Description text elements. This may be a case of stripping out any tags and scripting statements, or limiting what metadata is returned by default.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.