Uploaded image for project: 'Fluid Infusion'
  1. Fluid Infusion
  2. FLUID-4050

Renderer does not escape UIBound values correctly (esp character " - double quote)

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.3
    • 1.3.1
    • Renderer
    • None

    Description

      UIBound values output by the renderer are not XMLEncoded properly. In most cases the browser can "auto-repair" the attribute value but for the case of double quote " it can only assume that the attribute value has terminated. This is a serious data integrity risk.

      Attachments

        Activity

          People

            michelle.dsouza@utoronto.ca Michelle D'Souza
            antranig Antranig Basman
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: