DELTASPIKE-960 is fixed now. regards, gerhard
2015-07-17 16:39 GMT+02:00 Thomas Andraschko <[email protected]>: > Yep. Gerhard, can you add the substring logik to the > initialredirectwindowid, too? Im away till next week. > > > Am Freitag, 17. Juli 2015 schrieb Gerhard Petracek : > >> hi ortwin, >> >> thx for reporting the issue! >> (fyi: please send such topics to the dev-list) >> >> @thomas: >> we need to use maxWindowIdCount there as well. >> >> regards, >> gerhard >> >> >> >> 2015-07-17 16:01 GMT+02:00 Ortwin Escher <[email protected]>: >> >>> Hello, >>> >>> The WindowIdHtmlRenderer writes the cookie content of the dsrwid cookie >>> directly into the page body when using the <ds:windowId/> tag. You might >>> want to escape the content, do a sanity check or at least do the same >>> shortening the windowId request parameter has. >>> >>> A small example: Having a cookie like "dsrwid--9414" with the content >>> "-9414'+alert('HelloWorld')+'" will open a HelloWorld alert when the >>> window id is "-9414". >>> >>> Kind regards >>> >>> Ortwin Escher >>> >>> Fachreferent, Fahrzeug IT, VC-M1 >>> >>> IAV GmbH >>> Rockwellstrasse 16 >>> 38518 GIFHORN >>> GERMANY >>> >>> Internet: http://www.iav.com >>> >>> Sitz/Registered Office: Berlin, >>> Registergericht/Registration Court: Amtsgericht Charlottenburg, >>> Registernummer/Company Registration Number: HRB 21 280, >>> Geschäftsführer/Managing Directors: Kurt Blumenröder, Michael Schubert, >>> Olaf Kupke >>> Vorsitzender des Aufsichtsrates/Chairman of the Supervisory Board: Dr. >>> Harald Ludanek >> >> >>
