You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Note that the tests __fail__ indicating the vulnerability! There is no later version of jspwiki available in the Maven repository that makes these tests
pass as APIs the tests depends on also change. In particular, the required class `org.apache.wiki.auth.TestAuthorizer` needs to implement additional methods
in `org.apache.wiki.auth.authorize.WebAuthorizer` in `org.apache.jspwiki:jspwiki-main:2.11.0.M7`.
Also, in 2.11.0 , `WikiEngine` expects that *""JSPWiki requires a container which supports at least version 3.1 of Servlet specification"* and
enforces this by throwing an exception. However, the mock container provided in `net.sourceforge.stripes:stripes:1.7.0-async-beta`
only supports container version `2.*`.
Note that the tests __fail__ indicating the vulnerability!
The commit, apache/jspwiki@88d89d6, that contains the original patch to fix the vulnerability also contains a new test -- but that test has a bug, which
was fixed a few minutes later in apache/jspwiki@3ad9e5e. Our test has the same fix.
