maven-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Digulla (JIRA)" <j...@codehaus.org>
Subject [jira] Commented: (DOXIA-431) Doxia creates illegal URLs from local paths
Date Tue, 24 May 2011 14:22:22 GMT

    [ http://jira.codehaus.org/browse/DOXIA-431?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=268325#action_268325
] 

Aaron Digulla commented on DOXIA-431:
-------------------------------------

I have no idea. But from my experience, I'd say that those URLs should already be encoded.
I mean "Image[1].png" is a valid Unix filename. If you want to use that as a caption, you
need escaping.

So maybe the solution is to reject strings which contain invalid characters close to the input
side.

But I saw that you have sanitize methods in some URL helper class in Doxia. That led me to
think that you want to do it there and I don't believe this will work. Data must be sanitized
and validated in the outside interface, not deep in the code.

> Doxia creates illegal URLs from local paths
> -------------------------------------------
>
>                 Key: DOXIA-431
>                 URL: http://jira.codehaus.org/browse/DOXIA-431
>             Project: Maven Doxia
>          Issue Type: Bug
>          Components: Core
>    Affects Versions: 1.2
>            Reporter: Aaron Digulla
>
> If a local resource contains characters which are illegal in a URL, Doxia creates illegal
code or crashes.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message