This content has been marked as final.
Show 3 replies
-
1. Re: Protecting GateIn from XSS
trong.tran Jun 15, 2011 12:03 AM (in response to amayingenta)Actually this problem was identified and fixed in GateIn 3.2 which is still in development. You may prefer to take the patch for GateIn 3.1 in the attached file.
-
encodedBaseURL.patch.zip 772 bytes
-
-
2. Re: Protecting GateIn from XSS
amayingenta Jun 15, 2011 10:35 AM (in response to trong.tran)Thanks for the patch. Do you have a JIRA number that this patch comes from?
Are you aware of any other security related fixes in the 3.2 development that we should also pick up?
Thanks,
Andrew
-
3. Re: Protecting GateIn from XSS
trong.tran Jun 16, 2011 12:26 AM (in response to amayingenta)the patch comes from https://issues.jboss.org/browse/GTNPORTAL-1667 but seem it's not public to everybody.
I'm sure that there are other ones in 3.2 that i don't know yet. Sometimes i have to track/follow GateIn commits to get my needs