[ https://issues.apache.org/jira/browse/KNOX-1194?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16375280#comment-16375280 ]
ASF subversion and git services commented on KNOX-1194: ------------------------------------------------------- Commit 92946b8d7b6efaabaa0f1074843a3a9682fa3367 in knox's branch refs/heads/master from [~pzampino] [ https://git-wip-us.apache.org/repos/asf?p=knox.git;h=92946b8 ] KNOX-1194 - Safe loading and dumping of yaml, and filter empty-value properties from JSON output. > AdminUI should use safe versions of YAML load and dump methods. > --------------------------------------------------------------- > > Key: KNOX-1194 > URL: https://issues.apache.org/jira/browse/KNOX-1194 > Project: Apache Knox > Issue Type: Bug > Components: AdminUI > Affects Versions: 1.1.0 > Reporter: Phil Zampino > Assignee: Phil Zampino > Priority: Major > Fix For: 1.1.0 > > > The AdminUI currently user js-yaml methods load and dump. It should be using > safeLoad and safeDump to limit the risks associated with handling untrusted > YAML. -- This message was sent by Atlassian JIRA (v7.6.3#76005)