[
http://jira.codehaus.org/browse/MRM-1468?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=264887#action_264887
]
Maria Odea Ching commented on MRM-1468:
---------------------------------------
Hi Marc, I was able to apply your patch locally and also ran the selenium tests
successfully. Sorry I missed the following in the previous review of the patch,
but can you make the following changes to the fix:
* include '\' as accepted value for proxy username
* use Struts2 URL validator to validate URLs
Thanks!
> Fix cross-site scripting vulnerability in Archiva.
> --------------------------------------------------
>
> Key: MRM-1468
> URL: http://jira.codehaus.org/browse/MRM-1468
> Project: Archiva
> Issue Type: Task
> Affects Versions: 1.3.4
> Reporter: Marc Jansen Tan Chua
> Assignee: Maria Odea Ching
> Fix For: 1.3.5
>
> Attachments: MRM-1468-1.patch, MRM-1468-2.patch, MRM-1468.patch
>
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
