We're updating the issue view to help you get more done. 

XML Properties Can Be Set Which Contain XML Entities

Description

XML properties can be set in Openfire which contain XML entities. Since these entities are not escaped Openfire chokes when attempting to load them again from the XML file. Logic should be added to XMLProperties in order to escape and unescape XML entities from property values and not allow them in property keys, by throwing an exception.

Environment

None

Acceptance Test - Entry

  1. Set a property contained in the Openfire.xml file through the API with a value that contains an xml entity such as &

  2. Load this property back from the API, after restarting Openfire, and ensure an exception isn't thrown.

Activity

Show:
Alex Wenckus
September 12, 2007, 2:58 PM

This issue supersedes the & in the admin password for LDAP.

Assignee

Alex Wenckus

Reporter

Alex Wenckus

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Fix versions

Priority

Major
Configure