You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Michael Osipov (Jira)" <ji...@apache.org> on 2023/04/02 09:17:00 UTC
[jira] [Closed] (DOXIASITETOOLS-300) Don't populate Velocity context with XML entities
[ https://issues.apache.org/jira/browse/DOXIASITETOOLS-300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michael Osipov closed DOXIASITETOOLS-300.
-----------------------------------------
Resolution: Fixed
Fixed with [2faacece64960f8106fa3449464008843cff1ea0|https://gitbox.apache.org/repos/asf?p=maven-doxia-sitetools.git;a=commit;h=2faacece64960f8106fa3449464008843cff1ea0].
> Don't populate Velocity context with XML entities
> -------------------------------------------------
>
> Key: DOXIASITETOOLS-300
> URL: https://issues.apache.org/jira/browse/DOXIASITETOOLS-300
> Project: Maven Doxia Sitetools
> Issue Type: Improvement
> Components: Site renderer
> Affects Versions: 2.0.0-M6
> Reporter: Michael Osipov
> Assignee: Michael Osipov
> Priority: Major
> Fix For: 2.0.0-M7
>
>
> With MSITE-226 and MSKINS-222 we need to escape values to avoid syntax errors. The {{SiteRenderer}} should not assume that target is XML/HTML. No premature escaping. It is the task of the view layer to properly escape content.
> When done, we will have double escaping, thus broken output.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)