Lorenzo Pirondini created SLING-10591:
-----------------------------------------

             Summary: Non-Latin characters can be used as recursion level in JsonRenderer
                 Key: SLING-10591
                 URL: https://issues.apache.org/jira/browse/SLING-10591
             Project: Sling
          Issue Type: Bug
          Components: Servlets
    Affects Versions: Servlets Get 2.1.44
            Reporter: Lorenzo Pirondini
         Attachments: unicode table.md

In JsonRenderer, when the recursion level is parsed, it is expected to be a number >= -1, i.e. `[0-9]+ | -1`:

https://github.com/apache/sling-org-apache-sling-servlets-get/blob/3828946288f4a03cafdde1069e34fc2603ed056d/src/main/java/org/apache/sling/servlets/get/impl/helpers/JsonRenderer.java#L182

It was found that other Unicode digits can also be used, such as `١`, `꧕` or `႙`.

This has security implications for projects built on Sling that try to restrict access to the recursive selector.

Expected outcome: only the digits 0-9 and -1 can be used as numerical recursive selectors.
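As an added illustration (not the Sling project's own code), the following Java snippet shows why a plain `Integer.parseInt` check lets these characters through (`Character.digit` understands every Unicode Nd digit, not just ASCII 0-9) and what a stricter check that only admits ASCII digits or `-1` looks like. The class and method names are hypothetical.

```java
import java.util.regex.Pattern;

public class RecursionSelectorCheck {

    // Hypothetical strict grammar for the selector: ASCII digits only, or -1.
    // [0-9] is used rather than \d so the intent stays explicit even if the
    // pattern is later compiled with Pattern.UNICODE_CHARACTER_CLASS.
    private static final Pattern ASCII_LEVEL = Pattern.compile("-1|[0-9]+");

    /**
     * Lenient parse, i.e. what a bare Integer.parseInt check gives you:
     * Character.digit() accepts every Unicode Nd digit, so U+0661
     * (ARABIC-INDIC DIGIT ONE) is parsed as 1. Returns null if not numeric.
     */
    static Integer lenientLevel(String selector) {
        try {
            return Integer.parseInt(selector);
        } catch (NumberFormatException e) {
            return null;
        }
    }

    /**
     * Strict parse: the selector must match the ASCII-only grammar before it
     * is converted, so non-Latin digits are rejected up front. A digit string
     * too long for an int is also rejected instead of throwing.
     */
    static Integer strictLevel(String selector) {
        if (selector == null || !ASCII_LEVEL.matcher(selector).matches()) {
            return null;
        }
        try {
            return Integer.parseInt(selector);
        } catch (NumberFormatException overflow) {
            return null;
        }
    }

    public static void main(String[] args) {
        // Constructed samples: ASCII cases, the three digits from the report,
        // a mixed ASCII/Arabic-Indic string and a non-numeric selector.
        String[] samples = {"2", "-1", "\u0661", "\uA9D5", "\u1099", "1\u0661", "x"};
        for (String s : samples) {
            System.out.printf("%-4s lenient=%-5s strict=%s%n",
                    s, lenientLevel(s), strictLevel(s));
        }
    }
}
```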

Full table of Unicode characters that have been found working as recursive selectors:

[^unicode table.md]

--
This message was sent by Atlassian Jira
(v8.3.4#803005)
