Date: Tue, 5 Apr 2011 04:46:22 -0500 (CDT)
From: "efraim lorenz longkines (JIRA)"
To: issues@continuum.apache.org
Subject: [jira] Commented: (CONTINUUM-2620) add an interceptor that checks for possible cross-site scripting (XSS)

[ http://jira.codehaus.org/browse/CONTINUUM-2620?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=262526#action_262526 ]

efraim lorenz longkines commented on CONTINUUM-2620:
----------------------------------------------------

Initial fix for this was implemented in http://jira.codehaus.org/browse/REDBACK-275 (included in 1.2.7) and http://jira.codehaus.org/browse/MRM-1460.

Latest community issue in Redback for this issue: http://jira.codehaus.org/browse/REDBACK-276

> add an interceptor that checks for possible cross-site scripting (XSS)
> ----------------------------------------------------------------------
>
> Key: CONTINUUM-2620
> URL: http://jira.codehaus.org/browse/CONTINUUM-2620
> Project: Continuum
> Issue Type: Task
> Reporter: efraim lorenz longkines
>
> Right now, Continuum is vulnerable to cross-site scripting. Need to add an interceptor that checks for possible XSS