[
https://issues.apache.org/jira/browse/SLING-5946?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Radu Cotescu updated SLING-5946:
Fix Version/s: (was: XSS Protection API 1.0.10)
XSS Protection API 1.0.12
>
[
https://issues.apache.org/jira/browse/SLING-5946?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vlad Bailescu updated SLING-5946:
-
Description: Since SLING-5445, {{XSSAPI#encodeForJSString}} is no longer
properly encoding {{}}
[
https://issues.apache.org/jira/browse/SLING-5946?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Vlad Bailescu updated SLING-5946:
-
Attachment: SLING_5946.patch
Added proposed patch
> XSSAPI#encodeForJSString is not restrictive