Uploaded image for project: 'Repose'
  1. REP-5940

Block additional XPath calls in attribute map

    Details

    • Type: Story
    • Status: Resolved (View workflow)
    • Priority: Very High
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 8.6.3.0
    • Component/s: None
    • Labels:
      None

      Description

      Full details can be found here : https://github.com/rackerlabs/attributeMapping/issues/38
      https://github.com/rackerlabs/attributeMapping/pull/39

      This feature will add more blacklisted functions in the path so that they cannot be accessed from external resources. Specifically, Saxon is not blocking unparsed-text and unparsed-text-available. It has to do with XPath 2.0 features and which functions are allowed in the path.

      Acceptance Criteria:

      • block access to unparsed-text, unparsed-tet-available

        Attachments

          Issue links

            Activity

              People

              • Assignee:
                damien.johnson Damien Johnson
                Reporter:
                jorgew Jorge Williams
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: