Loading...

XML

Word

Printable

Type: Suggestion
Resolution: Fixed
Fix Version/s: 3.0
Component/s: None
Labels:

Feedback Policy:

We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

With the implementation of ~~CONF-9627~~ we should move to enable the automatic HTML entity encoding behaviour by default. Once this is done and developers are happy with the outcome, we can start removing the explict calls to htmlEncode in earnest.

is blocked by

CONFSERVER-14129 Exporting to Word in anti-XSS mode will include html tags

Closed

relates to

CONFSERVER-9627 Velocity does not automatically escape HTML entities when substituting variables

Closed

CONFSERVER-14431 Write Anti-XSS documentation for plugin developers

Closed

Assignee:: Chris Kiehl

Reporter:: Christopher Owen [Atlassian]

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 28/Jul/2008 1:14 AM

Updated:: 19/Sep/2019 5:21 AM

Resolved:: 11/Mar/2009 3:58 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates