Thanks Thusitha. That implies the vulnerability in jquery1.8.0 ( jQuery which is inside swagger) is not a threat for the product.
Thanks & Regards, Ishara Cooray Senior Software Engineer Mobile : +9477 262 9512 WSO2, Inc. | http://wso2.com/ Lean . Enterprise . Middleware On Fri, Apr 21, 2017 at 2:53 PM, Thusitha Kalugamage <[email protected]> wrote: > Hi Ishara, > > Although there can be jQuery distributions within third party libraries, I > think we have to make sure that only one jQuery distribution is used > throughout a product. > APIM Manager 2.1.0 uses jquery-1.11.3.min.js AFIK which swagger-ui works > fine with. Thus, jQuery which is inside swagger or any other third party > library is not called at all. > > Hope this helps. > > Regards, > > On Fri, Apr 21, 2017 at 1:50 PM, Ishara Cooray <[email protected]> wrote: > >> Hi, >> >> APIM Manager 2.1.0 uses jquery-1.11.3.min.js where as Swagger console >> embedded in store app uses jquery-1.8.0.min.js >> >> When i check browser console while page with the swagger console is >> loading, i could observe that there is a GET request made to >> jquery-1.11.3.min.js >> >> Wondering what is the jquery min js version using at runtime for swagger >> console. >> is the Swagger jquery lib is getting overridden by the products lib since >> it is the latest version? >> >> >> Thanks & Regards, >> Ishara Cooray >> Senior Software Engineer >> Mobile : +9477 262 9512 <+94%2077%20262%209512> >> WSO2, Inc. | http://wso2.com/ >> Lean . Enterprise . Middleware >> > > > > -- > Thusitha Kalugamage > *Software Engineer* > Mobile : +94 (0) 774 074370 > Tel : +94 (0) 112 145 345 > [email protected] >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
