[
https://issues.apache.org/jira/browse/SLING-4584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joel Richard updated SLING-4584:
Attachment: 0001-SLING-4584-Performance-XSSAPI.getValidHref-should-no.patch
[~asanso], would you
[
https://issues.apache.org/jira/browse/SLING-4584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joel Richard updated SLING-4584:
Attachment: (was: SLING-4584.patch)
Performance: XSSAPI.getValidHref should not be based on
[
https://issues.apache.org/jira/browse/SLING-4584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Radu Cotescu updated SLING-4584:
Component/s: Extensions
Performance: XSSAPI.getValidHref should not be based on HTML filtering
[
https://issues.apache.org/jira/browse/SLING-4584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Radu Cotescu updated SLING-4584:
Fix Version/s: XSS Protection API 1.0.4
Performance: XSSAPI.getValidHref should not be based on
[
https://issues.apache.org/jira/browse/SLING-4584?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joel Richard updated SLING-4584:
Attachment: SLING-4584.patch
I have implemented a patch which uses some AntiSamy internals to