Details
- Type: Bug
- Status: Closed
- Priority: Major
- Resolution: Invalid
- Affects Version/s: 1.8.2
- Fix Version/s: None
- Component/s: ICE-Components
- Labels: None
- Environment: All
Description
ListboxRenderer in the Sun RI escapes the values of SelectItem if the attribute escape is true.
This feature is missing in IceFaces.
IMPORTANT: This is a security bug, as cross site scripting is possible.
Easy to fix by:
    ...
    String val = label == null ? valueString : label;
    if (selectItem.isEscape())
        val = DOMUtils.escapeAnsi(val);
    Text labelNode = doc.createTextNode(val);
    ...
Activity
Marking as Closed / Invalid as part of legacy ICEfaces ICE / Compat component JIRA cleanup.
Note: This issue may be resolved in a newer ICEfaces release, available here: http://www.icesoft.org/java/downloads/icefaces-downloads.jsf
If the issue persists with the current ICEfaces release, please create a new JIRA for it.