[ https://issues.apache.org/jira/browse/EAGLE-172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jilin, Jiang closed EAGLE-172. ------------------------------ Resolution: Not A Problem > Scripting string is allowed to create policy rules. > --------------------------------------------------- > > Key: EAGLE-172 > URL: https://issues.apache.org/jira/browse/EAGLE-172 > Project: Eagle > Issue Type: Bug > Environment: sandbox > Reporter: Michael Wu > Assignee: Jilin, Jiang > Priority: Minor > Attachments: Screen Shot 2016-02-25 at 12.05.05.png > > > While creating a policy, to define a rule, users can input a scripting > fragment. From security perspective, such behavior should be forbidden. Such > as <a href='google' />. See the attached screenshot. > The project is built upon branch: > https://github.com/zombieJ/incubator-eagle/tree/module -- This message was sent by Atlassian JIRA (v6.3.4#6332)