You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Rene Gielen (Created) (JIRA)" <ji...@apache.org> on 2012/02/18 18:42:00 UTC
[jira] [Created] (WW-3757) Improve output sanitizing best practices
in example applications
Improve output sanitizing best practices in example applications
----------------------------------------------------------------
Key: WW-3757
URL: https://issues.apache.org/jira/browse/WW-3757
Project: Struts 2
Issue Type: Improvement
Components: Example Applications
Affects Versions: 2.3.1.1
Reporter: Rene Gielen
Assignee: Rene Gielen
Fix For: 2.3.2
Data inputted by users should be outputted in a clean way to demonstrate XSS prevention.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (WW-3757) Improve output sanitizing best
practices in example applications
Posted by "Hudson (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WW-3757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13211045#comment-13211045 ]
Hudson commented on WW-3757:
----------------------------
Integrated in Struts2 #415 (See [https://builds.apache.org/job/Struts2/415/])
WW-3757
Show how to produce sanitized output of user inputted data (Revision 1290827)
Result = SUCCESS
rgielen :
Files :
* /struts/struts2/trunk/apps/portlet/src/main/webapp/WEB-INF/view/freeMarkerExample.ftl
* /struts/struts2/trunk/apps/rest-showcase/src/main/webapp/WEB-INF/content/orders-index.jsp
* /struts/struts2/trunk/apps/rest-showcase/src/main/webapp/WEB-INF/content/orders-show.jsp
* /struts/struts2/trunk/apps/showcase/src/main/webapp/ajax/options.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/ajax/tabbedpanel/nodecorate/panel1.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/ajax/tabbedpanel/nodecorate/panel2Submit.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/ajax/tabbedpanel/nodecorate/panel3Submit.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/chat/showRoom.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/chat/usersAvailable.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/continuations/guess.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/person/list-people.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/tags/non-ui/actionPrefix/actionPrefix.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/tags/non-ui/actionPrefix/methodPrefix.ftl
* /struts/struts2/trunk/apps/showcase/src/main/webapp/tags/non-ui/actionPrefix/redirectActionPrefix.ftl
> Improve output sanitizing best practices in example applications
> ----------------------------------------------------------------
>
> Key: WW-3757
> URL: https://issues.apache.org/jira/browse/WW-3757
> Project: Struts 2
> Issue Type: Improvement
> Components: Example Applications
> Affects Versions: 2.3.1.2
> Reporter: Rene Gielen
> Assignee: Rene Gielen
> Fix For: 2.3.2
>
>
> Data inputted by users should be outputted in a clean way to demonstrate XSS prevention.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (WW-3757) Improve output sanitizing best
practices in example applications
Posted by "Hudson (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WW-3757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13211345#comment-13211345 ]
Hudson commented on WW-3757:
----------------------------
Integrated in Struts2 #416 (See [https://builds.apache.org/job/Struts2/416/])
WW-3757
Show how to produce sanitized output of user inputted data (Revision 1290994)
Result = SUCCESS
rgielen :
Files :
* /struts/struts2/trunk/apps/showcase/src/main/java/org/apache/struts2/showcase/source/ViewSourceAction.java
* /struts/struts2/trunk/apps/showcase/src/main/webapp/viewSource.jsp
> Improve output sanitizing best practices in example applications
> ----------------------------------------------------------------
>
> Key: WW-3757
> URL: https://issues.apache.org/jira/browse/WW-3757
> Project: Struts 2
> Issue Type: Improvement
> Components: Example Applications
> Affects Versions: 2.3.1.2
> Reporter: Rene Gielen
> Assignee: Rene Gielen
> Fix For: 2.3.2
>
>
> Data inputted by users should be outputted in a clean way to demonstrate XSS prevention.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (WW-3757) Improve output sanitizing best
practices in example applications
Posted by "Rene Gielen (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WW-3757?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rene Gielen resolved WW-3757.
-----------------------------
Resolution: Fixed
All outputs are now donw with either <s:property/> or ?html sanitizer in Freemarker
> Improve output sanitizing best practices in example applications
> ----------------------------------------------------------------
>
> Key: WW-3757
> URL: https://issues.apache.org/jira/browse/WW-3757
> Project: Struts 2
> Issue Type: Improvement
> Components: Example Applications
> Affects Versions: 2.3.1.2
> Reporter: Rene Gielen
> Assignee: Rene Gielen
> Fix For: 2.3.2
>
>
> Data inputted by users should be outputted in a clean way to demonstrate XSS prevention.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (WW-3757) Improve output sanitizing best practices
in example applications
Posted by "Rene Gielen (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WW-3757?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rene Gielen updated WW-3757:
----------------------------
Affects Version/s: (was: 2.3.1.1)
2.3.1.2
> Improve output sanitizing best practices in example applications
> ----------------------------------------------------------------
>
> Key: WW-3757
> URL: https://issues.apache.org/jira/browse/WW-3757
> Project: Struts 2
> Issue Type: Improvement
> Components: Example Applications
> Affects Versions: 2.3.1.2
> Reporter: Rene Gielen
> Assignee: Rene Gielen
> Fix For: 2.3.2
>
>
> Data inputted by users should be outputted in a clean way to demonstrate XSS prevention.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira