[ https://issues.apache.org/jira/browse/SLING-4492?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Radu Cotescu updated SLING-4492: -------------------------------- Summary: Prevent configuring the ESAPI policies through random content files (was: Prevent configuring the ESAPI policies through content) > Prevent configuring the ESAPI policies through random content files > ------------------------------------------------------------------- > > Key: SLING-4492 > URL: https://issues.apache.org/jira/browse/SLING-4492 > Project: Sling > Issue Type: Bug > Components: Extensions > Reporter: Radu Cotescu > Assignee: Radu Cotescu > Fix For: XSS Protection API 1.0.0 > > > Currently the ESAPI policies are configured through a file from the > repository - {{/libs/sling/xss/config.xml}}. However, the configuration of > the XSS bundle should be made through OSGi mechanisms instead of relying on > content structures and content overlay. > This issue tracks only the removal of the ESAPI configuration from the > content. -- This message was sent by Atlassian JIRA (v6.3.4#6332)