[magnolia-dev] [JIRA] (MGNLSTK-1103) Wrap nodes with HTMLEscapingNodeWrapper before rendering - port to master

[on behalf of Roman Kovařík]

Roman Kovařík created MGNLSTK-1103 Wrap nodes with HTMLEscapingNodeWrapper before rendering - port to master Issue Type: Improvement Assignee: Roman Kovařík Created: 27/Feb/13 8:14 AM Description: MAGNOLIA-4011 introduces unwrapping nodes before rendering because of problem with multiple escaping. Unfortunately This change causes XSS vulnerability of most FTL templates. Don't unwrap nodes from HTMLEscapingNodeWrapper before rendering. Wrap nodes with HTMLEscapingNodeWrapper if they are not wrapped already. Fix Versions: 2.0.9 Project: Magnolia Standard Templating Kit Priority: Major Reporter: Roman Kovařík

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

---

----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <dev-list-unsubscr...@magnolia-cms.com>
----------------------------------------------------------------