This resolves a potential xss when using the dojox.xmpp.util.xmlEncode method.
The output was used by RosterService to subscribe a valid xml encoded name. The name is never attached directly to the DOM, but is sent to the xmpp server as XML. It may affect xmpp servers without proper input handling or users that use dojox.smpp.util.xmlEncode() directly who add its output to a page.
This resolves a potential xss when using the dojox.xmpp.util.xmlEncode method.
The output was used by
RosterService
to subscribe a valid xml encoded name. The name is never attached directly to the DOM, but is sent to the xmpp server as XML. It may affect xmpp servers without proper input handling or users that usedojox.smpp.util.xmlEncode()
directly who add its output to a page.