Red Hat Bugzilla – Bug 858386
modcluster: Encode XML-unsafe characters from user input as XML entities
Last modified: 2014-03-27 12:43:37 EDT
+++ This bug was initially created as a clone of Bug #855112 +++
In connection to case discussed in the public cluster ML , we need
to make sure the user input that makes its way into XML (either as
cluster.conf or XML-formatted requests towards ricci) is XML-ready.
That is, the "unsafe" characters are encoded as XML entities.
More generally, we need to make sure XML entities are handled
correctly in each step of processing in following chain:
client (ccs, luci) -- ricci -- ricci-worker -- modcluster
Otherwise, such requests have no effect and unfortunately, neither
ricci provides a sensible diagnostics about this. Example of such
input is the password for the initial authentization against ricci.
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unable to address this
request at this time.
Red Hat invites you to ask your support representative to
propose this request, if appropriate, in the next release of
Red Hat Enterprise Linux.
*** This bug has been marked as a duplicate of bug 855112 ***