XML Properties Can Be Set Which Contain XML Entities

Description

XML properties can be set in Openfire which contain XML entities. Since these entities are not escaped Openfire chokes when attempting to load them again from the XML file. Logic should be added to XMLProperties in order to escape and unescape XML entities from property values and not allow them in property keys, by throwing an exception.

Environment

None

Activity

Show:

Alex Wenckus September 12, 2007 at 2:58 PM

This issue supersedes the & in the admin password for LDAP.

Fixed

Details

Assignee

Reporter

Components

Fix versions

Priority

Created September 12, 2007 at 2:57 PM
Updated September 12, 2007 at 3:38 PM
Resolved September 12, 2007 at 3:38 PM