Author: jacopoc
Date: Sat Sep 3 09:49:12 2016
New Revision: 1759065
URL:
http://svn.apache.org/viewvc?rev=1759065&view=revLog:
In rev. 153624 Jacques LeRoux changed the value of the attribute allow-html from "safe" to "any" and deprecated the usage of the "safe" value.
However the "safe" behavior is necessary to allow these fields to accept tags in a safe way: for this reason that commit should be reverted and a different solution should be implemented.
In the meantime, this commit changes the allow-html values for the blog entries to "none".
Modified:
ofbiz/trunk/applications/content/servicedef/services.xml
Modified: ofbiz/trunk/applications/content/servicedef/services.xml
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/applications/content/servicedef/services.xml?rev=1759065&r1=1759064&r2=1759065&view=diff==============================================================================
--- ofbiz/trunk/applications/content/servicedef/services.xml (original)
+++ ofbiz/trunk/applications/content/servicedef/services.xml Sat Sep 3 09:49:12 2016
@@ -823,8 +823,8 @@
<attribute name="statusId" type="String" mode="IN" optional="true"/>
<attribute name="description" type="String" mode="IN" optional="true"/>
<attribute name="templateDataResourceId" type="String" mode="IN" optional="true"/>
- <attribute name="articleData" type="String" mode="IN" optional="true" allow-html="any"/>
- <attribute name="summaryData" type="String" mode="IN" optional="true" allow-html="any"/>
+ <attribute name="articleData" type="String" mode="IN" optional="true" allow-html="none"/>
+ <attribute name="summaryData" type="String" mode="IN" optional="true" allow-html="none"/>
</service>
<service name="updateBlogEntry" engine="simple" auth="true"
location="component://content/minilang/blog/BlogServices.xml" invoke="updateBlogEntry">
Locked
