Konrad Windszus created SLING-11768:
---------------------------------------
Summary: Display Context "scriptString" escapes hypen (-) with
\u002D
Key: SLING-11768
URL: https://issues.apache.org/jira/browse/SLING-11768
Project: Sling
Issue Type: Bug
Components: HTL, XSS Protection API
Reporter: Konrad Windszus
According to
https://github.com/adobe/htl-spec/blob/master/SPECIFICATION.md#121-display-context
the context {{scriptString}} should only encode
{quote}
... characters that would break out of the string.
{quote}
But {{AAA-BBB}} incorrectly becomes {{AAA\u002DBBB}} through this context
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
