You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by "Radu Cotescu (JIRA)" <ji...@apache.org> on 2018/08/03 13:02:00 UTC

[jira] [Resolved] (SLING-7801) Optimise AntiSamy logging for null input in org.apache.sling.xss.impl.HtmlToHtmlContentContext

     [ https://issues.apache.org/jira/browse/SLING-7801?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Radu Cotescu resolved SLING-7801.
---------------------------------
    Resolution: Fixed

Fixed in [commit 271bfe5|https://github.com/apache/sling-org-apache-sling-xss/commit/271bfe5].

> Optimise AntiSamy logging for null input in org.apache.sling.xss.impl.HtmlToHtmlContentContext
> ----------------------------------------------------------------------------------------------
>
>                 Key: SLING-7801
>                 URL: https://issues.apache.org/jira/browse/SLING-7801
>             Project: Sling
>          Issue Type: Bug
>          Components: Extensions
>    Affects Versions: XSS Protection API 2.0.6
>            Reporter: Radu Cotescu
>            Assignee: Radu Cotescu
>            Priority: Major
>             Fix For: XSS Protection API 2.0.12
>
>
> AntiSamy throws exceptions when scanning null input. Although the exceptions are handled correctly, they have the potential to fill up the logs. A null check is better suited in this case, so that the only thrown exceptions are in case there's a real scan / policy issue.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)