Loading...

Log In
Closed

XML

Word

Printable

Type: Suggestion
Resolution: Fixed
Fix Version/s: 3.0
Component/s: None
Labels:

With the implementation of ~~CONF-9627~~ we should move to enable the automatic HTML entity encoding behaviour by default. Once this is done and developers are happy with the outcome, we can start removing the explict calls to htmlEncode in earnest.

is blocked by

CONFSERVER-14129 Exporting to Word in anti-XSS mode will include html tags

Closed

relates to

CONFSERVER-9627 Velocity does not automatically escape HTML entities when substituting variables

Closed

CONFSERVER-14431 Write Anti-XSS documentation for plugin developers

Closed

Assignee:: Chris Kiehl
Reporter:: Christopher Owen [Atlassian]
Votes:: 0 Vote for this issue
Watchers:: 0 Start watching this issue

Created:: 28/Jul/2008 1:14 AM
Updated:: 19/Sep/2019 5:21 AM
Resolved:: 11/Mar/2009 3:58 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates