Uploaded image for project: 'Hippo CMS'
  1. Hippo CMS
  2. CMS-14945

[Backport] HTML-encode the data written in the StatusServlet

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • 13.4.15, 14.7.4, 15.0.0
    • None
    • None
    • 0.5
    • Nova
    • Team Nova Sprint 278

    Description

      In the file hippo-repository/servlets/src/main/java/org/hippoecm/repository/StatusServlet.java, exceptions are written in HTML context without encoding:

      writer.print("Error occured:<br/><pre>");
writer.println(ex.getClass().getName()+": "+ex.getMessage());
ex.printStackTrace(writer);
writer.println("</pre>");

      Attachments

        Activity

          People

            Unassigned Unassigned
            abogaart Arthur Bogaart
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: