July 2025 - notifications - lists.xwiki.org

[xwiki/xwiki-platform] 15505b: XWIKI-23378: Protection against HTML macro injecti...

by XWiki Notifications

Branch: refs/heads/stable-17.4.x Home: https://github.com/xwiki/xwiki-platform Commit: 15505bf2e98486ea219fb0b84ecc4e2cb0c2c6ce https://github.com/xwiki/xwiki-platform/commit/15505bf2e98486ea219fb0b84ecc… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/doc/XWikiDocument.java M xwiki-platform-core/xwiki-platform-oldcore/src/test/java/com/xpn/xwiki/doc/XWikiDocumentTest.java Log Message: ----------- XWIKI-23378: Protection against HTML macro injection should be aligned with XHTML renderer * Apply HTML macro escaping improvements from rendering also to XWikiDocument#display: * Escape all variants of both opening and closing HTML macros. * Escape also just the start of an opening and closing HTML macro to avoid complex patterns. (cherry picked from commit 12b780ccd5bca5fc8f74f46648d7e02fa04fbc11) To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-platform/settings/notifications

3 months, 3 weeks

1
0
0 0

[xwiki/xwiki-platform] 1da795: XWIKI-23378: Protection against HTML macro injecti...

by XWiki Notifications

Branch: refs/heads/stable-16.10.x Home: https://github.com/xwiki/xwiki-platform Commit: 1da795bb1c609ebfbccc94a71b22914fcb6ff77b https://github.com/xwiki/xwiki-platform/commit/1da795bb1c609ebfbccc94a71b22… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/doc/XWikiDocument.java M xwiki-platform-core/xwiki-platform-oldcore/src/test/java/com/xpn/xwiki/doc/XWikiDocumentTest.java Log Message: ----------- XWIKI-23378: Protection against HTML macro injection should be aligned with XHTML renderer * Apply HTML macro escaping improvements from rendering also to XWikiDocument#display: * Escape all variants of both opening and closing HTML macros. * Escape also just the start of an opening and closing HTML macro to avoid complex patterns. (cherry picked from commit 12b780ccd5bca5fc8f74f46648d7e02fa04fbc11) To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-platform/settings/notifications

3 months, 3 weeks

1
0
0 0

[xwiki/xwiki-rendering] 1f151e: XRENDERING-792: Improve HTML macro escaping in XHT...

by XWiki Notifications

Branch: refs/heads/stable-17.4.x Home: https://github.com/xwiki/xwiki-rendering Commit: 1f151e963a41aa1527a1544e529baaa74ec7c37b https://github.com/xwiki/xwiki-rendering/commit/1f151e963a41aa1527a1544e529… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-rendering-xml/src/main/java/org/xwiki/rendering/renderer/printer/XHTMLWikiPrinter.java M xwiki-rendering-xml/src/test/java/org/xwiki/rendering/renderer/printer/XHTMLWikiPrinterTest.java Log Message: ----------- XRENDERING-792: Improve HTML macro escaping in XHTML rendering output * Escape all variants of both opening and closing HTML macros. * Escape also just the start of an opening and closing HTML macro to avoid complex patterns. * Pre-compute suffixes to reduce memory allocations in rendering. (cherry picked from commit 9b71a2ee035815cfc29cebbfe81dbdd98f941d49) To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-rendering/settings/notifications

3 months, 3 weeks

1
0
0 0

[xwiki/xwiki-rendering] de7bb7: XRENDERING-792: Improve HTML macro escaping in XHT...

by XWiki Notifications

Branch: refs/heads/stable-16.10.x Home: https://github.com/xwiki/xwiki-rendering Commit: de7bb7a908420f9a3d80eacaf35b34de43b24a68 https://github.com/xwiki/xwiki-rendering/commit/de7bb7a908420f9a3d80eacaf35… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-rendering-xml/src/main/java/org/xwiki/rendering/renderer/printer/XHTMLWikiPrinter.java M xwiki-rendering-xml/src/test/java/org/xwiki/rendering/renderer/printer/XHTMLWikiPrinterTest.java Log Message: ----------- XRENDERING-792: Improve HTML macro escaping in XHTML rendering output * Escape all variants of both opening and closing HTML macros. * Escape also just the start of an opening and closing HTML macro to avoid complex patterns. * Pre-compute suffixes to reduce memory allocations in rendering. (cherry picked from commit 9b71a2ee035815cfc29cebbfe81dbdd98f941d49) To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-rendering/settings/notifications

3 months, 3 weeks

1
0
0 0

[xwiki/xwiki-platform] 12b780: XWIKI-23378: Protection against HTML macro injecti...

by XWiki Notifications

Branch: refs/heads/master Home: https://github.com/xwiki/xwiki-platform Commit: 12b780ccd5bca5fc8f74f46648d7e02fa04fbc11 https://github.com/xwiki/xwiki-platform/commit/12b780ccd5bca5fc8f74f46648d7… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/doc/XWikiDocument.java M xwiki-platform-core/xwiki-platform-oldcore/src/test/java/com/xpn/xwiki/doc/XWikiDocumentTest.java Log Message: ----------- XWIKI-23378: Protection against HTML macro injection should be aligned with XHTML renderer * Apply HTML macro escaping improvements from rendering also to XWikiDocument#display: * Escape all variants of both opening and closing HTML macros. * Escape also just the start of an opening and closing HTML macro to avoid complex patterns. To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-platform/settings/notifications

3 months, 3 weeks

1
0
0 0

[xwiki/xwiki-rendering] 9b71a2: XRENDERING-792: Improve HTML macro escaping in XHT...

by XWiki Notifications

Branch: refs/heads/master Home: https://github.com/xwiki/xwiki-rendering Commit: 9b71a2ee035815cfc29cebbfe81dbdd98f941d49 https://github.com/xwiki/xwiki-rendering/commit/9b71a2ee035815cfc29cebbfe81… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-rendering-xml/src/main/java/org/xwiki/rendering/renderer/printer/XHTMLWikiPrinter.java M xwiki-rendering-xml/src/test/java/org/xwiki/rendering/renderer/printer/XHTMLWikiPrinterTest.java Log Message: ----------- XRENDERING-792: Improve HTML macro escaping in XHTML rendering output * Escape all variants of both opening and closing HTML macros. * Escape also just the start of an opening and closing HTML macro to avoid complex patterns. * Pre-compute suffixes to reduce memory allocations in rendering. To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-rendering/settings/notifications

3 months, 3 weeks

1
0
0 0

[jira@xwiki.org][Issue] Updates for XCOMMONS-3371: $jsontool and $escapetool should escape { to increase compatibility with XWiki syntax rendering

by XWiki Notifications

3 months, 3 weeks

1
0
0 0

[xwiki/xwiki-commons] c32a7a: XCOMMONS-3371: $jsontool and $escapetool should es...

by XWiki Notifications

Branch: refs/heads/stable-17.4.x Home: https://github.com/xwiki/xwiki-commons Commit: c32a7ad8819da785975768b508932f739346128e https://github.com/xwiki/xwiki-commons/commit/c32a7ad8819da785975768b508932… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-commons-core/xwiki-commons-velocity/src/main/java/org/xwiki/velocity/tools/EscapeTool.java M xwiki-commons-core/xwiki-commons-velocity/src/main/java/org/xwiki/velocity/tools/JSONTool.java M xwiki-commons-core/xwiki-commons-velocity/src/test/java/org/xwiki/velocity/tools/EscapeToolTest.java M xwiki-commons-core/xwiki-commons-velocity/src/test/java/org/xwiki/velocity/tools/JSONToolTest.java Log Message: ----------- XCOMMONS-3371: $jsontool and $escapetool should escape { to increase compatibility with XWiki syntax rendering * Add { to the characters to escape in JSON, with custom unicode-based escaping as standard escaping isn't available. * Escape { in EscapeTool#javascript. * Add/adapt test cases. (cherry picked from commit e7961c62afd6230f206154991549e6543786e485) To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-commons/settings/notifications

3 months, 3 weeks

1
0
0 0

[xwiki/xwiki-commons] d4e045: XCOMMONS-3371: $jsontool and $escapetool should es...

by XWiki Notifications

Branch: refs/heads/stable-16.10.x Home: https://github.com/xwiki/xwiki-commons Commit: d4e045ebcaca908312cf0fcf84f18f2a6c32a7db https://github.com/xwiki/xwiki-commons/commit/d4e045ebcaca908312cf0fcf84f18… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-commons-core/xwiki-commons-velocity/src/main/java/org/xwiki/velocity/tools/EscapeTool.java M xwiki-commons-core/xwiki-commons-velocity/src/main/java/org/xwiki/velocity/tools/JSONTool.java M xwiki-commons-core/xwiki-commons-velocity/src/test/java/org/xwiki/velocity/tools/EscapeToolTest.java M xwiki-commons-core/xwiki-commons-velocity/src/test/java/org/xwiki/velocity/tools/JSONToolTest.java Log Message: ----------- XCOMMONS-3371: $jsontool and $escapetool should escape { to increase compatibility with XWiki syntax rendering * Add { to the characters to escape in JSON, with custom unicode-based escaping as standard escaping isn't available. * Escape { in EscapeTool#javascript. * Add/adapt test cases. (cherry picked from commit e7961c62afd6230f206154991549e6543786e485) To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-commons/settings/notifications

3 months, 3 weeks

1
0
0 0

[xwiki/xwiki-commons] e7961c: XCOMMONS-3371: $jsontool and $escapetool should es...

by XWiki Notifications

Branch: refs/heads/master Home: https://github.com/xwiki/xwiki-commons Commit: e7961c62afd6230f206154991549e6543786e485 https://github.com/xwiki/xwiki-commons/commit/e7961c62afd6230f206154991549e… Author: Michael Hamann <michael.hamann(a)xwiki.com> Date: 2025-07-14 (Mon, 14 Jul 2025) Changed paths: M xwiki-commons-core/xwiki-commons-velocity/src/main/java/org/xwiki/velocity/tools/EscapeTool.java M xwiki-commons-core/xwiki-commons-velocity/src/main/java/org/xwiki/velocity/tools/JSONTool.java M xwiki-commons-core/xwiki-commons-velocity/src/test/java/org/xwiki/velocity/tools/EscapeToolTest.java M xwiki-commons-core/xwiki-commons-velocity/src/test/java/org/xwiki/velocity/tools/JSONToolTest.java Log Message: ----------- XCOMMONS-3371: $jsontool and $escapetool should escape { to increase compatibility with XWiki syntax rendering * Add { to the characters to escape in JSON, with custom unicode-based escaping as standard escaping isn't available. * Escape { in EscapeTool#javascript. * Add/adapt test cases. To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-commons/settings/notifications

3 months, 3 weeks

1
0
0 0

2025

2024

2023

notifications July 2025