Uploaded image for project: 'Fluid Infusion'
  1. Fluid Infusion
  2. FLUID-4050

Renderer does not escape UIBound values correctly (esp character " - double quote)

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.3
    • Fix Version/s: 1.3.1
    • Component/s: Renderer
    • Labels:
      None

      Description

      UIBound values output by the renderer are not XMLEncoded properly. In most cases the browser can "auto-repair" the attribute value but for the case of double quote " it can only assume that the attribute value has terminated. This is a serious data integrity risk.

        Attachments

          Activity

            People

            Assignee:
            michelle.dsouza@utoronto.ca Michelle D'Souza
            Reporter:
            antranig Antranig Basman
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: