Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-8866

Add reporting info in the XSS Protection API bundle

    XMLWordPrintableJSON

Details

    Description

      The XSS Protection API should be enhanced to provide some reporting about invalid URLs in order to allow operators of a Sling instance to monitor the state of the system (e.g. incorrect AntiSamy configurations, attacks, DOS attempts, etc.).

      The following ideas should be taken into consideration:

      1. add last X blocked expressions to the Sling XSS Web Console page
      2. generate blocked metrics, based on configurable paths, e.g. /libs, /apps, /content.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #8

          Activity

            People

              radu Radu Cotescu
              radu Radu Cotescu
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h 50m
                  1h 50m