Project

General

Profile

Actions
Copy link

Bug #6617

closed

XML response from action=getprincipals can contain reserved characters

Added by ben leinfelder about 10 years ago. Updated almost 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jing Tao
Category:
-
Target version:
2.5.1
Start date:
11/06/2014
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:

Description

Alvin pointed this out in KNB help email.
http://support.nceas.ucsb.edu/rt/Ticket/Display.html?id=10534

I just found a bug in Metacat that may prevent Morpho to refresh the user list when adding or updating access list.
The problem is that the XML generated by action `/metacat?action=getprincipals` can be invalid because the values from LDAP entries may contain XML-reserved characters, which are not sanitized in the XML output.
Actions
Copy link
 #1

Updated by ben leinfelder about 9 years ago

  • Target version changed from 2.5.0 to 2.5.1
Actions
Copy link
 #2

Updated by Jing Tao almost 9 years ago

  • Assignee changed from ben leinfelder to Jing Tao
Actions
Copy link
 #3

Updated by Jing Tao almost 9 years ago

  • Status changed from New to Closed

Use the exscapeXml method in the apache common lang library to escape those xml entities in the values.

Actions
Copy link

Also available in: Atom PDF