Google Git
Sign in
apache / sling-org-apache-sling-xss / 5ca5b28b5870d799a34ea8313796b2d30c3c18c1
commit5ca5b28b5870d799a34ea8313796b2d30c3c18c1[log] [tgz]
authorRadu Cotescu <radu@apache.org>Wed Jan 22 18:05:31 2020 +0100
committerRadu Cotescu <radu@apache.org>Wed Jan 22 18:05:31 2020 +0100
tree2830d1dc23910c615108caa043f1d1c1acf8d180
parenta80ea47745b608b5b32fabf6b695697307945098 [diff]
SLING-9019 - The XSSFilter will mark URLs containing both escaped characters and HTML entities as invalid

* apply HTML unescaping before sending the URL to the AntiSamy validator
1 file changed
tree: 2830d1dc23910c615108caa043f1d1c1acf8d180
  1. src/
  2. .gitignore
  3. bnd.bnd
  4. CODE_OF_CONDUCT.md
  5. CONTRIBUTING.md
  6. Jenkinsfile
  7. LICENSE
  8. pom.xml
  9. README.md
README.md

Build Status Test Status Maven Central JavaDocs License

Apache Sling XSS Protection

This module is part of the Apache Sling project.

The Apache Sling XSS Bundle provides two services for escaping and filtering XSS-prone user submitted content:

  1. org.apache.sling.xss.XSSAPI
  2. org.apache.sling.xss.XSSFilter

Please check the JavaDoc of each service to find out what methods they provide.