[ICE-6947] Improve new ACE component security with JSONBuilder - ICEsoft JIRA Issue Tracker

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.2
Fix Version/s: 3.3
Component/s: ACE-Components
Labels:
None
Environment:
ACE

Assignee Priority:
P1

Description

The new ACE components use ResponseWriter.write(String) to make un-escaped writes with manually quoted javascript values. It would be better to use JSONBuilder to handle the escaping automatically, and reduce the number of small text nodes we populate the DOM with.

Issue Links

depends on

ICE-6978 Augment JSONBuilder to write whole function calls

Closed

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Mark Collette added a comment - 23/Jun/11 7:28 PM

First we'll do ~~ICE-6978~~, and then we'll go over the the new components and use the new API to clean them up.

Show

Mark Collette added a comment - 23/Jun/11 7:28 PM First we'll do ICE-6978 , and then we'll go over the the new components and use the new API to clean them up.

Hide

Permalink

Nils Lundquist added a comment - 22/Jan/13 11:40 PM

Revision #33182
Committed by nils.lundquist
Moments ago
~~ICE-6947~~ - ACE components - Use JSONBuilder to concat entire JS init call.

Show

Nils Lundquist added a comment - 22/Jan/13 11:40 PM Revision #33182 Committed by nils.lundquist Moments ago ICE-6947 - ACE components - Use JSONBuilder to concat entire JS init call.

People

Assignee:

Nils Lundquist

Reporter:

Mark Collette

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

08/Jun/11 8:40 PM

Updated:

14/Nov/14 5:39 PM

Resolved:

22/Jan/13 11:40 PM