From f11575bfbe3ace84a7845aba42885426e89b3768 Mon Sep 17 00:00:00 2001 From: Hubbitus Date: Wed, 2 Apr 2014 11:47:58 +0400 Subject: [PATCH] According to https://developer.atlassian.com/display/CONFDEV/Enabling+XSS+Protection+in+Plugins Html method suffix should solve problem HTML escaping in velocity templates, but it does not work for v6.1 for some reasons. Fix it by add dependency to velocity-htmlsafe and use @HtmlSafe annotation. Also refresh jgit version and minor changes for compatibility. --- pom.xml | 8 +++++++- src/main/java/RepoTest.java | 2 +- src/main/java/com/xiplink/jira/git/GitManagerImpl.java | 2 +- .../git/issuetabpanels/changes/GitRevisionAction.java | 2 ++ 4 files changed, 11 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index e4633c8..1564fee 100644 --- a/pom.xml +++ b/pom.xml @@ -46,7 +46,7 @@ org.eclipse.jgit org.eclipse.jgit - 0.10.1 + 3.3.1.201403241930-r com.jcraft @@ -65,6 +65,12 @@ 3.2.0 provided + + com.atlassian.velocity.htmlsafe + velocity-htmlsafe + 1.2.1-m2 + provided +