Change By: Roman Kovařík (28/Feb/13 8:15 AM)
Summary: Most of Escape  values  in FTL templates should be  for rendering, don't escape already  escaped  - 2.0.x  values 
Description: # Open some web page Due to changes by MGNLSTK  - > Page Info 1101 and MAGNOLIA-4866 are most of values in FTL templates already escaped.
* remove escaping from templates

Cover the cases where are values still not escaped:
#  Enter for  Nodes taken by  * Headline/Navigation Title/Site Title Identifier *  some XSS  in model classes .
#
 Save -> XSS exploit  Contents taken by *querries*.

#  A lot of other templates with the same problem  Assests .
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira



----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------

Reply via email to