Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-5566

As a developer I don't need to take any extra measures to have my pages protected against XSS and XSRF

XMLWordPrintable

      While all content is already protected at least when using STK where everything is wrapped in HTMLEncodingNodeWrapper there is no similar protection for any info that is coming via request parameters. Such params should be escaped as well.

        Acceptance criteria

              Unassigned Unassigned
              had Jan Haderka
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Task DoD