Radu Cotescu created SLING-4492:
-----------------------------------
Summary: Prevent configuring the ESAPI policies through content
Key: SLING-4492
URL: https://issues.apache.org/jira/browse/SLING-4492
Project: Sling
Issue Type: Bug
Components: Extensions
Reporter: Radu Cotescu
Assignee: Radu Cotescu
Fix For: XSS Protection API 1.0.0
Currently the ESAPI policies are configured through a file from the repository
- {{/libs/sling/xss/config.xml}}. However, the configuration of the XSS bundle
should be made through OSGi mechanisms instead of relying on content structures
and content overlay.
This issue tracks only the removal of the ESAPI configuration from the content.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
