Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-10342

The recursion selector value for the JsonRenderServlet should be limited to real numbers

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • Servlets Get 2.1.40
    • Servlets Get 2.1.42
    • Servlets
    • None

    Description

      The JsonRenderServlet recursion selector is supposed to be:

      "-1" | "infinity" | [0-9]+

      Following SLING-2324, a value > Integer.MAX_VALUE is considered to be "infinity".

      However, we don't enforce that the value is not a negative number (besides the allowed "-1") nor do we prevent it from being a numeric which is not real numbers (i.e., not matching [0-9]+).

      We should make sure we only accept: "-1" | "infinity" | [0-9]+

      Attachments

        Issue Links

          Blocked

          Bug - A problem which impairs or prevents the functions of the product. SLING-10591 Non latin characters can be used as recursion level in JsonRenderer

          • Major - Major loss of function.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. SLING-10591 Non latin characters can be used as recursion level in JsonRenderer

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              karlpauls Karl Pauls
              karlpauls Karl Pauls
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 50m
                  50m