[ https://issues.apache.org/jira/browse/SLING-10391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17744191#comment-17744191 ]
Stefan Seifert commented on SLING-10391: ---------------------------------------- looking at the implementation of the real XSSAPIImpl i'm wondering why we mock it at all - in https://github.com/apache/sling-org-apache-sling-testing-sling-mock/pull/25 i've a different proposal that uses the real implementation, and introduces a mock for the rather complex implementation of XSSFilter instead. WDYT? > Improve MockXSSAPIImpl > ---------------------- > > Key: SLING-10391 > URL: https://issues.apache.org/jira/browse/SLING-10391 > Project: Sling > Issue Type: Bug > Components: Testing > Affects Versions: Testing Sling Mock 3.0.2 > Reporter: Henry Kuijpers > Priority: Major > > MockXSSAPIImpl only has a few very simplistic method implementations (i.e. > for encodeForHTML it returns the input as-is). > I think we can make some improvements to it, by: > * Use StringEscapeUtils.escapeHtml4() to do HTML escaping (so that we can at > least see a difference in the output) > * Use StringEscapeUtils.escapeXml() to do XML escaping > etc. -- This message was sent by Atlassian Jira (v8.20.10#820010)