ICEfaces
  1. ICEfaces
  2. ICE-5115

ListboxRenderer does not escape SelectItem

          Details

          • Type: Bug Bug
          • Status: Closed
          • Priority: Major Major
          • Resolution: Invalid
          • Affects Version/s: 1.8.2
          • Fix Version/s: None
          • Component/s: ICE-Components
          • Labels:
            None
          • Environment:
            All

            Description

            ListboxRenderer in the Sun RI escapes the values of SelectItem if the attribute escape is true.
            This feature is missing in IceFaces.
            IMPORTANT: This is a security bug, as cross site scripting is possible.

            Easy to fix by:
            ...
                String val = label == null ? valueString : label;
                if (selectItem.isEscape())
                  val = DOMUtils.escapeAnsi(val);
                Text labelNode = doc.createTextNode(val);
            ...

              Activity

              Ascending order - Click to sort in descending order
              Martin Aubele created issue -
              Ken Fyten made changes -
              Field Original Value New Value
              Status Open [ 1 ] Closed [ 6 ]
              Resolution Invalid [ 6 ]

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  Martin Aubele
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: