commit | acaefc493eca19e3efbfef86fb712bb0db6bb57f | [log] [tgz] |
---|---|---|
author | Radu Cotescu <170911+raducotescu@users.noreply.github.com> | Thu Jan 16 17:50:58 2020 +0100 |
committer | GitHub <noreply@github.com> | Thu Jan 16 17:50:58 2020 +0100 |
tree | 6ec3a1684a063801b65231b0cfe8f0b07a562065 | |
parent | b3c8e24f036d32abcbd405a4af8e63975f601746 [diff] |
SLING-8866 - Add reporting info in the XSS Protection API bundle * added a counter metric (sling:xss.invalid_hrefs) to track the number of invalid URLs detected by org.apache.sling.xss.XSSFilter#isValidHref * enhanced the webconsole plugin to provide a detailed report of the blocked URLs * allow a system administrator to download the active AntiSamy configuration * expose JSON / XML endpoints to retrieve the current status of the XSS library / the active AntiSamy configuration
This module is part of the Apache Sling project.
The Apache Sling XSS Bundle provides two services for escaping and filtering XSS-prone user submitted content:
Please check the JavaDoc of each service to find out what methods they provide.