You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Michael Osipov (Jira)" <ji...@apache.org> on 2023/04/02 09:17:00 UTC

[jira] [Closed] (DOXIASITETOOLS-300) Don't populate Velocity context with XML entities

     [ https://issues.apache.org/jira/browse/DOXIASITETOOLS-300?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Michael Osipov closed DOXIASITETOOLS-300.
-----------------------------------------
    Resolution: Fixed

Fixed with [2faacece64960f8106fa3449464008843cff1ea0|https://gitbox.apache.org/repos/asf?p=maven-doxia-sitetools.git;a=commit;h=2faacece64960f8106fa3449464008843cff1ea0].

> Don't populate Velocity context with XML entities
> -------------------------------------------------
>
>                 Key: DOXIASITETOOLS-300
>                 URL: https://issues.apache.org/jira/browse/DOXIASITETOOLS-300
>             Project: Maven Doxia Sitetools
>          Issue Type: Improvement
>          Components: Site renderer
>    Affects Versions: 2.0.0-M6
>            Reporter: Michael Osipov
>            Assignee: Michael Osipov
>            Priority: Major
>             Fix For: 2.0.0-M7
>
>
> With MSITE-226 and MSKINS-222 we need to escape values to avoid syntax errors. The {{SiteRenderer}} should not assume that target is XML/HTML. No premature escaping. It is the task of the view layer to properly escape content.
> When done, we will have double escaping, thus broken output.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)