You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Michael Osipov (Jira)" <ji...@apache.org> on 2023/03/30 19:50:00 UTC

[jira] [Updated] (DOXIASITETOOLS-300) Don't populate Velocity context with XML entities

     [ https://issues.apache.org/jira/browse/DOXIASITETOOLS-300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Michael Osipov updated DOXIASITETOOLS-300:
------------------------------------------
    Description: 
With MSITE-226 and MSKINS-222 we need to escape values to avoid syntax errors. The {{SiteRenderer}} should not assume that target is XML/HTML. No premature escaping. It is the task of the view layer to properly escape content.

When done, we will have double escaping, thus broken output.

  was:With MSITE-226 and MSKINS-222 we need to escape values to avoid syntax errors. The {{SiteRenderer}} should not assume that target is XML/HTML. No premature escaping. It is the task of the view layer to properly escape content.


> Don't populate Velocity context with XML entities
> -------------------------------------------------
>
>                 Key: DOXIASITETOOLS-300
>                 URL: https://issues.apache.org/jira/browse/DOXIASITETOOLS-300
>             Project: Maven Doxia Sitetools
>          Issue Type: Improvement
>          Components: Site renderer
>    Affects Versions: 2.0.0-M6
>            Reporter: Michael Osipov
>            Assignee: Michael Osipov
>            Priority: Major
>             Fix For: 2.0.0-M7
>
>
> With MSITE-226 and MSKINS-222 we need to escape values to avoid syntax errors. The {{SiteRenderer}} should not assume that target is XML/HTML. No premature escaping. It is the task of the view layer to properly escape content.
> When done, we will have double escaping, thus broken output.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)