Re: Configuration Status dump.

[Chetan Mehrotra]

http://localhost:4502/system/console/config/configuration-status.zip


This URL works for me and provides the complete zip I think

On 11 Nov 2017 12:18 am, "Ian Boston"  wrote:

> Hi,
>
> On 10 November 2017 at 13:25, Carsten Ziegeler 
> wrote:
>
> > Right, that should work. The idea of the javascript with generating the
> > date is not a cache killer but it's to ensure that the filename you get
> > when saving the file has the date/time of when the zip was created.
> >
>
>
> Could use headers ?
> Content Disposition[1] could set the filename on download and cache
> headers[2] should stop caching.
> Would that work ?
> I can open an issue and fix if there are no objections.
>
> The reason I ask is if you can give a support person a URL to download
> its easier to persuade them to do it than go and click a button in a
> browser.
> They might even automate it ;)
>
> Best Regards
> Ian
>
> 1
> https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/
> Content-Disposition
> 2 Cache-Control: no-cache, no-store, must-revalidate
>
>
> >
> > Carsten
> >
> >
> > Bertrand Delacretaz wrote
> > > Hi Ian,
> > >
> > > On Fri, Nov 10, 2017 at 1:44 PM, Ian Boston  wrote:
> > >> ...AFAICT at the moment the url is buried under a javascript button
> > which
> > >> builds
> > >> http://localhost:8080/system/console/status-configuration/
> > configuration-status-
> > >> .zip ...
> > >
> > > IIRC the date is just used as a cache killer so using  might work,
> > > in order to have a stable URL?
> > >
> > > -Bertrand
> > >
> > --
> > Carsten Ziegeler
> > Adobe Research Switzerland
> > cziege...@apache.org
> >
>

Re: value level encryption

[Konrad Windszus]

Also EncryptionMapAdapterFactory.getAdapter() should be able to deal with 
resource providers not providing write access (i.e. 
adaptTo(ModifiableValueMap.class) returns null).

> Am 10.11.2017 um 22:21 schrieb Konrad Windszus :
> 
> Hi Jason, in general this looks good. But please add nullability annotations 
> to CipherProvider. Also using @CheckForNull on methods returning void is 
> useless.
> Konrad
> 
>> Am 10.11.2017 um 21:53 schrieb Jason Bailey :
>> 
>> Wanted to give a heads up in the direction I'm going with this.
>> 
>> https://github.com/JEBailey/sling-encrypt
>> 
>> CipherProvider is a service interface to provide pre-initialized Cipher 
>> Objects for encoding and decoding content.
>> EncryptionValueMap encompasses the functionality to encrypt and decrypt 
>> specific fields, currently focusing on String and String[] value types. Put 
>> and Get methods not implemented yet.
>> EncryptionValueMapDecorator to wrap a map.
>> 
>> For the EncryptionValueMap, I'm recording the properties that are encrypted 
>> in a separate property field, so that accessing those fields can be done 
>> seamlessly from any place that you are instantiate the EncryptionValueMap.
>> 
>> Feedback appreciated.
>> 
>> -Original Message-
>> From: Justin Edelson [mailto:jus...@justinedelson.com] 
>> Sent: Friday, November 03, 2017 3:37 PM
>> To: dev@sling.apache.org
>> Subject: Re: value level encryption
>> 
>> EXTERNAL
>> 
>> In AEM, posting encrypted properties to /etc/cloudservices is historically 
>> the primary use case for @Encrypted, but the PostProcessor applies to all 
>> post requests.
>> 
>> I think this would be a useful addition to Sling. We may want to have some 
>> kind of SPI to support different encryption schemes, but that's an 
>> implementation detail.
>> 
>> Regards,
>> Justin
>> 
>> 
>>> On Fri, Nov 3, 2017 at 2:48 PM Jason Bailey  wrote:
>>> 
>>> They only docs I can find on that, assuming we're talking AEM, 
>>> mentions it only works for posting things into /etc/cloudservices. So 
>>> that's out.
>>> It's been a while, but I'm under the impression that all 
>>> implementations of the java platform now come with a certain level of 
>>> crypto
>>> 
>>> https://docs.oracle.com/javase/8/docs/api/javax/crypto/Cipher.html
>>> 
>>> I'd probably add a configuration so you could define the level of 
>>> cryptography, and then that would allow people who needed a higher 
>>> level to install their own providers. Is this something that Sling 
>>> would be interested in? Since I'm going to be writing this, if you're 
>>> interested, I'd rather write it with the intent of directly donating it.
>>> 
>>> 
>>> 
>>> -Original Message-
>>> From: Justin Edelson [mailto:jus...@justinedelson.com]
>>> Sent: Friday, November 03, 2017 1:35 PM
>>> To: dev@sling.apache.org
>>> Subject: Re: value level encryption
>>> 
>>> EXTERNAL
>>> 
>>> We have this in our commercial product. At a high level, the way it 
>>> works is that there is a PostProcessor which looks for an @Encrypted 
>>> postfixed property and, if that is present, the corresponding property 
>>> is stored in an encrypted fashion. Decryption is all done manually, 
>>> although personally the idea of an EncryptionValueMap seems really cool to 
>>> me.
>>> 
>>> I believe the challenge in bringing this into Sling relates to the 
>>> encryption libraries.
>>> 
 On Fri, Nov 3, 2017 at 8:45 AM Jason Bailey  wrote:
 
 Here's the use case
 
 My organization has decided that to conform to the GDPR, any 
 sensitive data should be encrypted while at rest. From a Sling 
 perspective that is a challenge since we've empowered the authors to 
 create forms the way they want. So to be on the safe side, we're 
 looking at encrypting all form fields as they are persisted, and 
 then decrypting the values from the resource  when we need to processes 
 them.
 
 Now I'm thinking of an EncryptionValueMap that will simplify this 
 process and encapsulate the functionality. You guys are usually 
 ahead of me when I come up with this stuff and I don't like 
 replicating effort. So is there any functionality currently or 
 planned to handle encryption of resource values?
 
 Thanks
 Jason
 
>>> 
> 

Re: value level encryption

[Konrad Windszus]

Hi Jason, in general this looks good. But please add nullability annotations to 
CipherProvider. Also using @CheckForNull on methods returning void is useless.
Konrad

> Am 10.11.2017 um 21:53 schrieb Jason Bailey :
> 
> Wanted to give a heads up in the direction I'm going with this.
> 
> https://github.com/JEBailey/sling-encrypt
> 
> CipherProvider is a service interface to provide pre-initialized Cipher 
> Objects for encoding and decoding content.
> EncryptionValueMap encompasses the functionality to encrypt and decrypt 
> specific fields, currently focusing on String and String[] value types. Put 
> and Get methods not implemented yet.
> EncryptionValueMapDecorator to wrap a map.
> 
> For the EncryptionValueMap, I'm recording the properties that are encrypted 
> in a separate property field, so that accessing those fields can be done 
> seamlessly from any place that you are instantiate the EncryptionValueMap.
> 
> Feedback appreciated.
> 
> -Original Message-
> From: Justin Edelson [mailto:jus...@justinedelson.com] 
> Sent: Friday, November 03, 2017 3:37 PM
> To: dev@sling.apache.org
> Subject: Re: value level encryption
> 
> EXTERNAL
> 
> In AEM, posting encrypted properties to /etc/cloudservices is historically 
> the primary use case for @Encrypted, but the PostProcessor applies to all 
> post requests.
> 
> I think this would be a useful addition to Sling. We may want to have some 
> kind of SPI to support different encryption schemes, but that's an 
> implementation detail.
> 
> Regards,
> Justin
> 
> 
>> On Fri, Nov 3, 2017 at 2:48 PM Jason Bailey  wrote:
>> 
>> They only docs I can find on that, assuming we're talking AEM, 
>> mentions it only works for posting things into /etc/cloudservices. So that's 
>> out.
>> It's been a while, but I'm under the impression that all 
>> implementations of the java platform now come with a certain level of 
>> crypto
>> 
>> https://docs.oracle.com/javase/8/docs/api/javax/crypto/Cipher.html
>> 
>> I'd probably add a configuration so you could define the level of 
>> cryptography, and then that would allow people who needed a higher 
>> level to install their own providers. Is this something that Sling 
>> would be interested in? Since I'm going to be writing this, if you're 
>> interested, I'd rather write it with the intent of directly donating it.
>> 
>> 
>> 
>> -Original Message-
>> From: Justin Edelson [mailto:jus...@justinedelson.com]
>> Sent: Friday, November 03, 2017 1:35 PM
>> To: dev@sling.apache.org
>> Subject: Re: value level encryption
>> 
>> EXTERNAL
>> 
>> We have this in our commercial product. At a high level, the way it 
>> works is that there is a PostProcessor which looks for an @Encrypted 
>> postfixed property and, if that is present, the corresponding property 
>> is stored in an encrypted fashion. Decryption is all done manually, 
>> although personally the idea of an EncryptionValueMap seems really cool to 
>> me.
>> 
>> I believe the challenge in bringing this into Sling relates to the 
>> encryption libraries.
>> 
>>> On Fri, Nov 3, 2017 at 8:45 AM Jason Bailey  wrote:
>>> 
>>> Here's the use case
>>> 
>>> My organization has decided that to conform to the GDPR, any 
>>> sensitive data should be encrypted while at rest. From a Sling 
>>> perspective that is a challenge since we've empowered the authors to 
>>> create forms the way they want. So to be on the safe side, we're 
>>> looking at encrypting all form fields as they are persisted, and 
>>> then decrypting the values from the resource  when we need to processes 
>>> them.
>>> 
>>> Now I'm thinking of an EncryptionValueMap that will simplify this 
>>> process and encapsulate the functionality. You guys are usually 
>>> ahead of me when I come up with this stuff and I don't like 
>>> replicating effort. So is there any functionality currently or 
>>> planned to handle encryption of resource values?
>>> 
>>> Thanks
>>> Jason
>>> 
>> 

RE: value level encryption

[Jason Bailey]

Wanted to give a heads up in the direction I'm going with this.

https://github.com/JEBailey/sling-encrypt

CipherProvider is a service interface to provide pre-initialized Cipher Objects 
for encoding and decoding content.
EncryptionValueMap encompasses the functionality to encrypt and decrypt 
specific fields, currently focusing on String and String[] value types. Put and 
Get methods not implemented yet.
EncryptionValueMapDecorator to wrap a map.

For the EncryptionValueMap, I'm recording the properties that are encrypted in 
a separate property field, so that accessing those fields can be done 
seamlessly from any place that you are instantiate the EncryptionValueMap.

Feedback appreciated.

-Original Message-
From: Justin Edelson [mailto:jus...@justinedelson.com] 
Sent: Friday, November 03, 2017 3:37 PM
To: dev@sling.apache.org
Subject: Re: value level encryption

EXTERNAL

In AEM, posting encrypted properties to /etc/cloudservices is historically the 
primary use case for @Encrypted, but the PostProcessor applies to all post 
requests.

I think this would be a useful addition to Sling. We may want to have some kind 
of SPI to support different encryption schemes, but that's an implementation 
detail.

Regards,
Justin


On Fri, Nov 3, 2017 at 2:48 PM Jason Bailey  wrote:

> They only docs I can find on that, assuming we're talking AEM, 
> mentions it only works for posting things into /etc/cloudservices. So that's 
> out.
> It's been a while, but I'm under the impression that all 
> implementations of the java platform now come with a certain level of 
> crypto
>
> https://docs.oracle.com/javase/8/docs/api/javax/crypto/Cipher.html
>
> I'd probably add a configuration so you could define the level of 
> cryptography, and then that would allow people who needed a higher 
> level to install their own providers. Is this something that Sling 
> would be interested in? Since I'm going to be writing this, if you're 
> interested, I'd rather write it with the intent of directly donating it.
>
>
>
> -Original Message-
> From: Justin Edelson [mailto:jus...@justinedelson.com]
> Sent: Friday, November 03, 2017 1:35 PM
> To: dev@sling.apache.org
> Subject: Re: value level encryption
>
> EXTERNAL
>
> We have this in our commercial product. At a high level, the way it 
> works is that there is a PostProcessor which looks for an @Encrypted 
> postfixed property and, if that is present, the corresponding property 
> is stored in an encrypted fashion. Decryption is all done manually, 
> although personally the idea of an EncryptionValueMap seems really cool to me.
>
> I believe the challenge in bringing this into Sling relates to the 
> encryption libraries.
>
> On Fri, Nov 3, 2017 at 8:45 AM Jason Bailey  wrote:
>
> > Here's the use case
> >
> > My organization has decided that to conform to the GDPR, any 
> > sensitive data should be encrypted while at rest. From a Sling 
> > perspective that is a challenge since we've empowered the authors to 
> > create forms the way they want. So to be on the safe side, we're 
> > looking at encrypting all form fields as they are persisted, and 
> > then decrypting the values from the resource  when we need to processes 
> > them.
> >
> > Now I'm thinking of an EncryptionValueMap that will simplify this 
> > process and encapsulate the functionality. You guys are usually 
> > ahead of me when I come up with this stuff and I don't like 
> > replicating effort. So is there any functionality currently or 
> > planned to handle encryption of resource values?
> >
> > Thanks
> > Jason
> >
>

Re: Configuration Status dump.

[Ian Boston]

Hi,

On 10 November 2017 at 13:25, Carsten Ziegeler  wrote:

> Right, that should work. The idea of the javascript with generating the
> date is not a cache killer but it's to ensure that the filename you get
> when saving the file has the date/time of when the zip was created.
>


Could use headers ?
Content Disposition[1] could set the filename on download and cache
headers[2] should stop caching.
Would that work ?
I can open an issue and fix if there are no objections.

The reason I ask is if you can give a support person a URL to download
its easier to persuade them to do it than go and click a button in a
browser.
They might even automate it ;)

Best Regards
Ian

1
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition
2 Cache-Control: no-cache, no-store, must-revalidate


>
> Carsten
>
>
> Bertrand Delacretaz wrote
> > Hi Ian,
> >
> > On Fri, Nov 10, 2017 at 1:44 PM, Ian Boston  wrote:
> >> ...AFAICT at the moment the url is buried under a javascript button
> which
> >> builds
> >> http://localhost:8080/system/console/status-configuration/
> configuration-status-
> >> .zip ...
> >
> > IIRC the date is just used as a cache killer so using  might work,
> > in order to have a stable URL?
> >
> > -Bertrand
> >
> --
> Carsten Ziegeler
> Adobe Research Switzerland
> cziege...@apache.org
>

Re: [RESULT] [VOTE] Release Apache Sling Hypermedia API tools 1.1.0

[Andrei Dulvac]

Hi,

The vote has passed with the following result :

+3 (binding): Carsten, Stefan, Karl
+1 (non binding): Andrei Dulvac

Can someone in the PMC help me with putting this release to the Sling
dist directory and
promote the artifacts to maven central?

- Andrei


On Fri, Nov 10, 2017 at 1:22 PM Karl Pauls  wrote:

> +1
>
> regards,
>
> Karl
>
> On Fri, Nov 10, 2017 at 11:33 AM, Andrei Dulvac  wrote:
> > Hi,
> >
> > Thanks for the votes.
> > Anybody else can have a look?
> >
> > - Andrei
> >
> > On Wed, Nov 8, 2017 at 2:04 AM Stefan Seifert 
> > wrote:
> >
> >> +1
> >>
>
>
>
> --
> Karl Pauls
> karlpa...@gmail.com
>

Re: Configuration Status dump.

[Carsten Ziegeler]

Right, that should work. The idea of the javascript with generating the
date is not a cache killer but it's to ensure that the filename you get
when saving the file has the date/time of when the zip was created.

Carsten


Bertrand Delacretaz wrote
> Hi Ian,
> 
> On Fri, Nov 10, 2017 at 1:44 PM, Ian Boston  wrote:
>> ...AFAICT at the moment the url is buried under a javascript button which
>> builds
>> http://localhost:8080/system/console/status-configuration/configuration-status-
>> .zip ...
> 
> IIRC the date is just used as a cache killer so using  might work,
> in order to have a stable URL?
> 
> -Bertrand
> 
-- 
Carsten Ziegeler
Adobe Research Switzerland
cziege...@apache.org

Re: Configuration Status dump.

[Bertrand Delacretaz]

Hi Ian,

On Fri, Nov 10, 2017 at 1:44 PM, Ian Boston  wrote:
> ...AFAICT at the moment the url is buried under a javascript button which
> builds
> http://localhost:8080/system/console/status-configuration/configuration-status-
> .zip ...

IIRC the date is just used as a cache killer so using  might work,
in order to have a stable URL?

-Bertrand

Configuration Status dump.

[Ian Boston]

Hi,
Is there a URL where its possible to get Sling to reliably download (using
curl) a full configuration status dump zip (suitable authn/authz)

AFAICT at the moment the url is buried under a javascript button which
builds
http://localhost:8080/system/console/status-configuration/configuration-status-
.zip

Ideally I would like to be able to do something like
curl http://admin:admin@localhost:8080/system/console/configuration-status.zip
-o configuration-status-todaysdate.zip

Best Regards
Ian

Re: [VOTE] Release Apache Sling Hypermedia API tools 1.1.0

[Karl Pauls]

+1

regards,

Karl

On Fri, Nov 10, 2017 at 11:33 AM, Andrei Dulvac  wrote:
> Hi,
>
> Thanks for the votes.
> Anybody else can have a look?
>
> - Andrei
>
> On Wed, Nov 8, 2017 at 2:04 AM Stefan Seifert 
> wrote:
>
>> +1
>>



-- 
Karl Pauls
karlpa...@gmail.com

Re: [VOTE] Release Apache Sling Hypermedia API tools 1.1.0

[Andrei Dulvac]

Hi,

Thanks for the votes.
Anybody else can have a look?

- Andrei

On Wed, Nov 8, 2017 at 2:04 AM Stefan Seifert 
wrote:

> +1
>

Re: What is the significance of escaping illegal JCR characters in JcrValueMap while reading?

[Satya Deep Maheshwari]

Logged SLING-7237  for
this.

On Fri, Nov 10, 2017 at 2:52 PM, Satya Deep Maheshwari <
m.satyad...@gmail.com> wrote:

> Hi
>
> I wanted to understand the significance of escaping illegal JCR characters
> in JcrValueMap while reading? See [1] wherein while reading a jcr property,
> the name is escaped of illegal jcr characters. For e.g. if I say
> valueMap.get("jcr:content/xyz") then it is escaped as "jcr%3Acontent/xyz"
> which is clearly not the intent. While escaping illegal chars during
> writing would make sense, why is is it done at the time of reading?
>
> Regards
> Satya Deep
>
> [1] - https://github.com/apache/sling-org-apache-sling-jcr-
> resource/blob/master/src/main/java/org/apache/sling/jcr/
> resource/internal/JcrValueMap.java#L301
>

[jira] [Updated] (SLING-7237) JcrValueMap escapes legal ':' character in namespace

[Satya Deep Maheshwari (JIRA)]

 [ 
https://issues.apache.org/jira/browse/SLING-7237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Satya Deep Maheshwari updated SLING-7237:
-
Description: 
See [1] wherein while reading a jcr property, 
the name is escaped of illegal jcr character ':' . For e.g. if I say 
{{valueMap.get("jcr:content/xyz")}} then it is escaped as {{jcr%3Acontent/xyz}} 
. This is not correct if I have a namespace by the name "jcr" registered 
already because then {{jcr:content/xyz}} is a valid property path.


[1] - 
https://github.com/apache/jackrabbit/blob/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/util/Text.java#L482

  was:
See [1] wherein while reading a jcr property, 
the name is escaped of illegal jcr character ':' . For e.g. if I say 
{{valueMap.get("jcr:content/xyz")}} then it is escaped as {{jcr%3Acontent/xyz}} 
. This is not correct if I have a namespace by the name "jcr" registered 
already because then {{jcr:content/xyz}} is a valid property name.


[1] - 
https://github.com/apache/jackrabbit/blob/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/util/Text.java#L482


> JcrValueMap escapes legal ':' character in namespace
> 
>
> Key: SLING-7237
> URL: https://issues.apache.org/jira/browse/SLING-7237
> Project: Sling
>  Issue Type: Bug
>  Components: JCR
>Affects Versions: JCR Resource 3.0.6
>Reporter: Satya Deep Maheshwari
>
> See [1] wherein while reading a jcr property, 
> the name is escaped of illegal jcr character ':' . For e.g. if I say 
> {{valueMap.get("jcr:content/xyz")}} then it is escaped as 
> {{jcr%3Acontent/xyz}} . This is not correct if I have a namespace by the name 
> "jcr" registered already because then {{jcr:content/xyz}} is a valid property 
> path.
> [1] - 
> https://github.com/apache/jackrabbit/blob/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/util/Text.java#L482



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Created] (SLING-7237) JcrValueMap escapes legal ':' character in namespace

[Satya Deep Maheshwari (JIRA)]

Satya Deep Maheshwari created SLING-7237:


 Summary: JcrValueMap escapes legal ':' character in namespace
 Key: SLING-7237
 URL: https://issues.apache.org/jira/browse/SLING-7237
 Project: Sling
  Issue Type: Bug
  Components: JCR
Affects Versions: JCR Resource 3.0.6
Reporter: Satya Deep Maheshwari


See [1] wherein while reading a jcr property, 
the name is escaped of illegal jcr character ':' . For e.g. if I say 
{{valueMap.get("jcr:content/xyz")}} then it is escaped as {{jcr%3Acontent/xyz}} 
. This is not correct if I have a namespace by the name "jcr" registered 
already because then {{jcr:content/xyz}} is a valid property name.


[1] - 
https://github.com/apache/jackrabbit/blob/trunk/jackrabbit-jcr-commons/src/main/java/org/apache/jackrabbit/util/Text.java#L482



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (SLING-7232) Remove http.bridge from launchpad base

[Karl Pauls (JIRA)]

[ 
https://issues.apache.org/jira/browse/SLING-7232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16247293#comment-16247293
 ] 

Karl Pauls commented on SLING-7232:
---

[~cziegeler], yeah - I should have been more specific. I will create a new 
issue for the starter and make this one only about the base (which I plan to 
release shortly - just need a new Felix framework release first). Thanks!

> Remove http.bridge from launchpad base
> --
>
> Key: SLING-7232
> URL: https://issues.apache.org/jira/browse/SLING-7232
> Project: Sling
>  Issue Type: Improvement
>  Components: Launchpad
>Reporter: Carsten Ziegeler
>Assignee: Karl Pauls
> Fix For: Launchpad Builder 10, Launchpad Base 2.6.26, Launchpad 
> Testing War 10
>
>
> Currently launchpad base embedds the http.bridge bundle for the webapp setup. 
> So whenever the http bridge needs an update, we need to release a new 
> launchpad version. As this is just a bundle which needs to be available in 
> the webapp scenario we can move this to the provisioning model and bind it to 
> the webapp runmode.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Commented] (SLING-7232) Remove http.bridge from launchpad base

[Carsten Ziegeler (JIRA)]

[ 
https://issues.apache.org/jira/browse/SLING-7232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16247282#comment-16247282
 ] 

Carsten Ziegeler commented on SLING-7232:
-

[~karlpauls] Looks good to me. The only thing is that we don't allow snapshot 
dependencies in the starter module. So this needs a release of base first

> Remove http.bridge from launchpad base
> --
>
> Key: SLING-7232
> URL: https://issues.apache.org/jira/browse/SLING-7232
> Project: Sling
>  Issue Type: Improvement
>  Components: Launchpad
>Reporter: Carsten Ziegeler
>Assignee: Karl Pauls
> Fix For: Launchpad Builder 10, Launchpad Base 2.6.26, Launchpad 
> Testing War 10
>
>
> Currently launchpad base embedds the http.bridge bundle for the webapp setup. 
> So whenever the http bridge needs an update, we need to release a new 
> launchpad version. As this is just a bundle which needs to be available in 
> the webapp scenario we can move this to the provisioning model and bind it to 
> the webapp runmode.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

What is the significance of escaping illegal JCR characters in JcrValueMap while reading?

[Satya Deep Maheshwari]

Hi

I wanted to understand the significance of escaping illegal JCR characters
in JcrValueMap while reading? See [1] wherein while reading a jcr property,
the name is escaped of illegal jcr characters. For e.g. if I say
valueMap.get("jcr:content/xyz") then it is escaped as "jcr%3Acontent/xyz"
which is clearly not the intent. While escaping illegal chars during
writing would make sense, why is is it done at the time of reading?

Regards
Satya Deep

[1] -
https://github.com/apache/sling-org-apache-sling-jcr-resource/blob/master/src/main/java/org/apache/sling/jcr/resource/internal/JcrValueMap.java#L301

[RESULT] [VOTE] Release Apache Sling Event Support version 4.2.10

[Timothee Maret]

Hi,

The vote has passed with the following result :

+1 : Stefan Seifert, Carsten Ziegeler, Tommaso Teofili, Ian Boston


Could a member of the PMC please push the release to
https://dist.apache.org/repos/dist/release/sling ?

I'll take care of the remaining steps once this is done.

Regards,

Timothee