The GitHub Actions job "CodeQL" on ofbiz-framework.git has failed.
Run started by GitHub user asfgit (triggered by asfgit).

Head commit for run:
eb0419fdfb048e7d42f91d391b76fae480ac0b0c / Jacques Le Roux 
<jacques.le.r...@les7arts.com>
Fixed: Extend HTML Sanitizer - style attribute (OFBIZ-12691)

While backporting the previous trunk commit (to a0d829f770), a test error showed in
22.01 (not in trunk; the same was just in the log).

Then if today you try to put a quote (single or double) at
https://demo-trunk.ofbiz.apache.org/content/control/WebSiteCms?webSiteId=CmsSite
you won't be able to, because of:
<<The Following Errors Occurred:
In field [textData] by our input policy, your input has not been accepted for
security reason. Please check and modify accordingly, thanks.>>

This is due to the use of HtmlSanitizer.Policy() on the value in
checkStringForHtmlSafe.

The solution is to put back quotes (single or double) before comparing.

While at it, I also modified checkStringForHtmlSafe to return safe HTML entities
for ' and ".

This also adds comments about why we have <<new Locale("test")>> in several
places: labels are not available in the testClasses Gradle task.

Report URL: https://github.com/apache/ofbiz-framework/actions/runs/3043826251

With regards,
GitHub Actions via GitBox
