commit | bc0a76fb8f99abf06099a797d20c6a594afa7151 | [log] [tgz] |
---|---|---|
author | Robert Munteanu <rombert@apache.org> | Fri Jun 30 12:47:00 2023 +0200 |
committer | GitHub <noreply@github.com> | Fri Jun 30 12:47:00 2023 +0200 |
tree | 6cdfcb24ab2ebe8727be69b7a3bbd1921e271a16 | |
parent | 01effece015314baf2666766ff318004a206c5c7 [diff] |
SLING-11610 - Sling XSS API 2.3.0 does not work on Java 17 (#32) 1. Switch from reflective access to using sun.misc.Unsafe. Even though 'unsafe' looks scary, it's part of the jdk.unsupported module which both 'exports' and 'opens' its packages. Reference: https://blogs.oracle.com/javamagazine/post/a-peek-into-java-17-continuing-the-drive-to-encapsulate-the-java-runtime-internals 2. Library updates: update to the latest version of Mockito, drop Powermock 3. Exclude xml-apis transitive dependency, this causes conflicts since we are using the module path See https://stackoverflow.com/questions/55571046/eclipse-is-confused-by-imports-accessible-from-more-than-one-module 4. Configure the maven-compiler-plugin to use source/target instead of release, even for newer JDK versions. This has the effect of running javac with fewer checks, and allows compilation on Java 8 to complete succesfully.
This module is part of the Apache Sling project.
The Apache Sling XSS Bundle provides two services for escaping and filtering XSS-prone user submitted content:
Please check the JavaDoc of each service to find out what methods they provide.