<!-- 
RSS generated by JIRA (9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b) at Mon Feb 12 07:33:24 CET 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>Magnolia - Issue tracker</title>
    <link>https://jira.magnolia-cms.com</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-uk</language>    <build-info>
        <version>9.4.2</version>
        <build-number>940002</build-number>
        <build-date>19-01-2023</build-date>
    </build-info>


<item>
            <title>[MGNLSTK-1101] Wrap nodes with HTMLEscapingNodeWrapper before rendering - 2.0.x</title>
                <link>https://jira.magnolia-cms.com/browse/MGNLSTK-1101</link>
                <project id="10287" key="MGNLSTK">Magnolia Standard Templating Kit (closed)</project>
                    <description>&lt;p&gt;&lt;a href=&quot;https://jira.magnolia-cms.com/browse/MAGNOLIA-4011&quot; title=&quot;Exclusion of nodes not working on inheritable page components&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MAGNOLIA-4011&quot;&gt;&lt;del&gt;MAGNOLIA-4011&lt;/del&gt;&lt;/a&gt; introduces unwrapping nodes before rendering because of problem with multiple escaping. &lt;br/&gt;
Unfortunately This change causes XSS vulnerability of most FTL templates.&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;Don&apos;t unwrap nodes from HTMLEscapingNodeWrapper before rendering.&lt;/li&gt;
	&lt;li&gt;Wrap nodes with HTMLEscapingNodeWrapper if they are not wrapped already.&lt;/li&gt;
&lt;/ol&gt;
</description>
                <environment></environment>
        <key id="28212">MGNLSTK-1101</key>
            <summary>Wrap nodes with HTMLEscapingNodeWrapper before rendering - 2.0.x</summary>
                <type id="4" iconUrl="https://jira.magnolia-cms.com/secure/viewavatar?size=xsmall&amp;avatarId=10890&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.magnolia-cms.com/images/icons/priorities/major.svg">Major</priority>
                        <status id="6" iconUrl="https://jira.magnolia-cms.com/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are not closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="1">Fixed</resolution>
                                        <assignee username="rkovarik">Roman Kova&#345;&#237;k</assignee>
                                    <reporter username="rkovarik">Roman Kova&#345;&#237;k</reporter>
                        <labels>
                    </labels>
                <created>Thu, 21 Feb 2013 16:01:34 +0100</created>
                <updated>Mon, 4 Mar 2013 09:01:19 +0100</updated>
                            <resolved>Thu, 28 Feb 2013 08:31:24 +0100</resolved>
                                                    <fixVersion>2.0.9</fixVersion>
                                        <due></due>
                            <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="58368" author="rkovarik" created="Wed, 27 Feb 2013 08:17:30 +0100"  >&lt;p&gt;Port to master is registered under &lt;a href=&quot;https://jira.magnolia-cms.com/browse/MGNLSTK-1103&quot; title=&quot;Wrap nodes with HTMLEscapingNodeWrapper before rendering - port to master&quot; class=&quot;issue-link&quot; data-issue-key=&quot;MGNLSTK-1103&quot;&gt;&lt;del&gt;MGNLSTK-1103&lt;/del&gt;&lt;/a&gt;.&lt;/p&gt;</comment>
                            <comment id="58468" author="had" created="Wed, 27 Feb 2013 23:25:16 +0100"  >&lt;p&gt;Can you update title and description to reflect what was really done? I think most changes were rolled back after re-enabling wrapping in the renderer ... and pls link that issue.&lt;/p&gt;</comment>
                            <comment id="58479" author="rkovarik" created="Thu, 28 Feb 2013 08:31:24 +0100"  >&lt;p&gt;There are also related commits from other tickets in the GIT tab of this issue. &lt;br/&gt;
Commits only for this ticket:&lt;br/&gt;
&lt;a href=&quot;http://git.magnolia-cms.com/gitweb/?p=modules/standard-templating-kit.git;a=commitdiff;h=7aad49af3fc0300bd39f613061b8a5468c226264&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://git.magnolia-cms.com/gitweb/?p=modules/standard-templating-kit.git;a=commitdiff;h=7aad49af3fc0300bd39f613061b8a5468c226264&lt;/a&gt;&lt;br/&gt;
&lt;a href=&quot;http://git.magnolia-cms.com/gitweb/?p=modules/standard-templating-kit.git;a=commitdiff;h=b4020b9bad7b3ee8f0d9841c02c21344b451e2b6&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;http://git.magnolia-cms.com/gitweb/?p=modules/standard-templating-kit.git;a=commitdiff;h=b4020b9bad7b3ee8f0d9841c02c21344b451e2b6&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10030">
                    <name>Cloners</name>
                                                                <inwardlinks description="is cloned by">
                                        <issuelink>
            <issuekey id="28375">MGNLSTK-1103</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10020">
                    <name>dependency</name>
                                                                <inwardlinks description="is depended upon by">
                                        <issuelink>
            <issuekey id="28025">MGNLSTK-1095</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                            <customfield id="customfield_14166" key="com.okapya.jira.checklist:checklist">
                        <customfieldname>Acceptance criteria</customfieldname>
                        <customfieldvalues>
                            
        <checklist>
        <![CDATA[
                            




                
                                    <div class="o-completion" style="display: flex; flex-shrink: 0;"><span  class="aui-lozenge aui-lozenge-complete" style="font-size: 12px; font-weight: normal; display: flex; flex-direction: row; align-items: center;" ><span style="padding-right: 4px; vertical-align: middle;"><svg width="15" height="15" viewBox="0 0 15 15" xmlns="http://www.w3.org/2000/svg" fill="white"><path clip-rule="evenodd" d="m10.41037,3.42544l-7.86501,0c-0.72395,0 -1.31084,0.58688 -1.31084,1.31084l0,7.86508c0,0.7239 0.58689,1.3108 1.31084,1.3108l7.86501,0c0.724,0 1.3109,-0.5869 1.3109,-1.3108l0,-7.86508c0,-0.72396 -0.5869,-1.31084 -1.3109,-1.31084zm-7.86501,-0.65542c-1.08593,0 -1.96626,0.88032 -1.96626,1.96626l0,7.86508c0,1.0859 0.88033,1.9662 1.96626,1.9662l7.86501,0c1.086,0 1.9663,-0.8803 1.9663,-1.9662l0,-7.86508c0,-1.08594 -0.8803,-1.96626 -1.9663,-1.96626l-7.86501,0z" fill-rule="evenodd"/><path d="m5.09049,10.18526l-1.82767,-1.82766l-0.78479,0.78479l2.61246,2.61246l5.38758,-5.38754l-0.78483,-0.78479l-4.60275,4.60274z"/></svg></span><span>Empty</span></span></div>
                        ]]>
    </checklist>


                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10111" key="com.atlassian.jira.toolkit:reporterdomain">
                        <customfieldname>Company</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>magnolia-cms.com</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_10031" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 27 Feb 2013 23:25:16 +0100</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_12730" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_14151" key="com.atlassian.jira.toolkit:message">
                        <customfieldname>Docu info</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10061" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comm is not jira-dev</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>false</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10071" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last participant</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>mmuehlebach</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_13136" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            10 years, 51 weeks, 3 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10020" key="com.atlassian.jira.toolkit:attachments">
                        <customfieldname>Number of attachments</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10150" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname>Number of comments</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10011" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>had</customfieldvalue>
            <customfieldvalue>rkovarik</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_10833" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i00p33:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10244" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>4114</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14145" key="com.intenso.jira.issue-templates:issue-templates-customfield">
                        <customfieldname>Template</customfieldname>
                        <customfieldvalues>
                            


                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_15131" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Time in Discovery</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10032" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </customfields>
    </item>
</channel>
</rss>