Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-5566

As a developer I don't need to take any extra measures to have my pages protected against XSS and XSRF

    XMLWordPrintable

Details

    Description

      While all content is already protected at least when using STK where everything is wrapped in HTMLEncodingNodeWrapper there is no similar protection for any info that is coming via request parameters. Such params should be escaped as well.

      Checklists

        Acceptance criteria

        Attachments

          Activity

            People

              Unassigned Unassigned
              had Jan Haderka
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Checklists

                  Task DoD