[
https://issues.apache.org/jira/browse/OFBIZ-7041?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15314846#comment-15314846 ]
Forrest Rae commented on OFBIZ-7041:
------------------------------------
This new version of FreeMarker includes [auto-escaping and output formats|
http://freemarker.org/docs/dgui_misc_autoescaping.html]. The <#escape> directive has been deprecated. Notice the comment at the very end of this page:
"FreeMarker automatically escapes all values printed ... if it's properly configured (that's the responsibility of the programmers; [see here how|
http://freemarker.org/docs/pgui_config_outputformatsautoesc.html])."
Would be good to turn autoescaping on, and set the configuration to match .ftl as HTML and .fo.ftl as XML.
Thoughts?
> Upgrade freemarker jar to 2.3.24
> --------------------------------
>
> Key: OFBIZ-7041
> URL:
https://issues.apache.org/jira/browse/OFBIZ-7041> Project: OFBiz
> Issue Type: Improvement
> Components: framework
> Affects Versions: Trunk
> Reporter: Deepak Dixit
> Assignee: Deepak Dixit
> Fix For: Upcoming Branch
>
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
Locked
