Thank you David. I didn't know the existence of this Atlassian product :) ahah
I was browsing trough ViewVC, even if it was not so comfortable... Thanks a lot. I will keep you informed. Michele OrrĂ¹ David E Jones-3 wrote: > > > On Feb 20, 2009, at 8:37 AM, euronymous wrote: >> David E Jones-3 wrote: >>> I'll try to look at that in the next day or two. It is probably a >>> place that doesn't uses the common tools and so gets around these >>> somehow... >> >> David >> >> I'm asking you a favour :) >> >> I'm analyzing all about your ESAPI/AntiSamy impementation. >> Let me understand better: all the files where you put your >> changes/integrations >> are traced in revisions 741857 and 742352? >> >> Let me know if I'm missing some classes that are not listed in these >> two >> commits: >> I'm really interested about knowing exactly where did you put the >> code, to >> better >> understand Ofbiz internal architecture and how did you integrate >> esapi. > > There are more commits than that. The easiest place to see them is > probably FishEye: > > http://fisheye6.atlassian.com/changelog/~author=jonesde/ofbiz/ > > You'll need to look back to 6 Feb, rev 741442, and as far forward as > 10 Feb, rev 742866. Those two commit and most in between them are > related to the canonicalization, HTML filtering/validation, and output > encoding. > > -David > > > -- View this message in context: http://www.nabble.com/Security-Issues-tp21622188p22157570.html Sent from the OFBiz - Dev mailing list archive at Nabble.com.
