Details
-
Type: Improvement
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: EE-1.8.2.GA_P04
-
Fix Version/s: EE-1.8.2.GA_P06
-
Component/s: ICE-Components
-
Labels:None
-
Environment:All
-
Salesforce Case Reference:
Description
With the changes made to resolve XSS attacks in ICE-5854, the ice:outputLabel no longer escapes the value. The feature request is to add in an escape attribute which will allow the developer to decide if it should be escaped or not. This would be similar functionality as the ice:outputText.
Issue Links
- depends on
-
ICE-8850 Add an escape attribute to the ICE output components
- Open
Confirmed using ICEfaces 1.8.2.GA_P06 build 1 in Firefox19, Chrome24, IE6/7/9.