[
https://issues.apache.org/jira/browse/SLING-4236?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Felix Meschberger resolved SLING-4236.
--------------------------------------
Resolution: Fixed
Fix Version/s: XSS Protection API 1.0.0
Fixed in Rev. 1644580:
* Include patch by Radu Cotescu (thanks a lot)
* Extend patch to getValid* and filterHtml methods
* Leverage TestCase.assertEquals for result validation
* Add more tests for empty and null input
* Add {{LongValidationRule}} to implement {{XSSAPI.getValidLong}} (using
{{Validator.getValidNumber}} internally would return wrong long values due to
imprecise conversion between double and long for large values and it would
convert rational numbers to integral numbers, which does not seem to be
desired; i.e 100.5 should not return 100)
> The XSSAPI's encode methods should return null for null input
> -------------------------------------------------------------
>
> Key: SLING-4236
> URL: https://issues.apache.org/jira/browse/SLING-4236
> Project: Sling
> Issue Type: Bug
> Components: Extensions
> Affects Versions: XSS Protection API 1.0.0
> Reporter: Radu Cotescu
> Assignee: Felix Meschberger
> Fix For: XSS Protection API 1.0.0
>
> Attachments: SLING-4236.patch
>
>
> The XSSAPI's encode methods should return {{null}} for {{null}} input.
> Currently it seems that the default implementation based on the
> {{owasp-java-encoder}} transforms {{null}} into {{"null"}}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
