[
https://issues.apache.org/jira/browse/KUDU-1898?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15884926#comment-15884926
]
Todd Lipcon commented on KUDU-1898:
-----------------------------------
[~hahao] can you take a look since you worked on this most recently? Guessing
we need to pass some kind of flag into the CommandLineFlagsIntoString()
function to indicate HTML escaping.
> /varz page doesn't HTML-escape flag values
> ------------------------------------------
>
> Key: KUDU-1898
> URL: https://issues.apache.org/jira/browse/KUDU-1898
> Project: Kudu
> Issue Type: Bug
> Components: util
> Affects Versions: 1.3.0
> Reporter: Todd Lipcon
> Assignee: Hao Hao
>
> I was just trying the new "flag redaction" feature and noticed that the
> string '<redacted>' isn't getting properly HTML-escaped in the /varz web
> page. It appears we've never properly escaped flag values in this context,
> but it's only obvious now that the '<redacted>' string is getting interpreted
> as an HTML tag.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
