keycloak-aplcache

KEYCLOAK-2510

2/29/2016 10:39:44 PM


diff --git a/saml-core/src/main/java/org/keycloak/saml/common/util/TransformerUtil.java b/saml-core/src/main/java/org/keycloak/saml/common/util/TransformerUtil.java
index 372a5da..4e43c3d 100755
--- a/saml-core/src/main/java/org/keycloak/saml/common/util/TransformerUtil.java
+++ b/saml-core/src/main/java/org/keycloak/saml/common/util/TransformerUtil.java
@@ -113,6 +113,7 @@ public class TransformerUtil {
                     transformerFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
                 } catch (TransformerConfigurationException ignored) {
                     // some platforms don't support this.   For example our testsuite pulls Selenium which requires Xalan 2.7.1
+                    logger.warn("XML External Entity switches are not supported.  You may get XML injection vulnerabilities.");
                 }
                 try {
                     transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
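Review bot: The warning added in the `TransformerConfigurationException` catch drops the exception and uses exactly the same text as the warning added in the second hunk, so a log reader cannot tell which hardening step failed or why. Name the setting and include the cause, e.g. `logger.warn("Could not enable FEATURE_SECURE_PROCESSING on TransformerFactory, XML hardening is incomplete: " + ignored);`, with a distinct message in the `catch (Exception ignored)` block. The factory is still used after the failure, so the code stays fail-open; since this is the SAML path and presumably handles externally supplied XML, consider refusing to continue outside the testsuite rather than only warning. The enclosing method starts and ends outside the hunk.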
@@ -120,6 +121,7 @@ public class TransformerUtil {
                     transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
                 } catch (Exception ignored) {
                     // some platforms don't support this.   For example our testsuite pulls Selenium which requires Xalan 2.7.1
+                    logger.warn("XML External Entity switches are not supported.  You may get XML injection vulnerabilities.");
                 }
 
             } finally {
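Review bot: The `setAttribute` calls for `ACCESS_EXTERNAL_DTD` and `ACCESS_EXTERNAL_STYLESHEET` appear to share one `try` (the line between the two hunks is not shown), so if the first call throws, the stylesheet restriction is never attempted and the single warning hides that. Giving each attribute its own try/catch applies whatever the platform does support and lets each warning name the attribute that was rejected. The surrounding method continues outside the hunk.

```java
try {
    transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
} catch (Exception e) {
    logger.warn("TransformerFactory rejected ACCESS_EXTERNAL_DTD: " + e);
}
// … unchanged: line between the two hunks, not shown; wrap it the same way if it is another setAttribute …
try {
    transformerFactory.setAttribute(XMLConstants.ACCESS_EXTERNAL_STYLESHEET, "");
} catch (Exception e) {
    logger.warn("TransformerFactory rejected ACCESS_EXTERNAL_STYLESHEET: " + e);
}
```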
diff --git a/themes/src/main/resources/theme/base/admin/resources/js/services.js b/themes/src/main/resources/theme/base/admin/resources/js/services.js
index 3c9d645..1ec8513 100755
--- a/themes/src/main/resources/theme/base/admin/resources/js/services.js
+++ b/themes/src/main/resources/theme/base/admin/resources/js/services.js
@@ -1315,10 +1315,9 @@ module.factory('PasswordPolicy', function() {
         if (!policies || policies.length == 0) {
             return "";
         }
-
         var policyString = "";
 
-        for (var i in policies){
+        for (var i = 0; i < policies.length; i++) {
             policyString += policies[i].name;
             if ( policies[i].value ){
                 policyString += '(' + policies[i].value + ')';
diff --git a/themes/src/main/resources/theme/base/admin/resources/partials/password-policy.html b/themes/src/main/resources/theme/base/admin/resources/partials/password-policy.html
index 81d8f1d..eeca9ab 100755
--- a/themes/src/main/resources/theme/base/admin/resources/partials/password-policy.html
+++ b/themes/src/main/resources/theme/base/admin/resources/partials/password-policy.html
@@ -34,7 +34,7 @@
                            placeholder="{{:: 'no-value-assigned.placeholder' | translate}}" min="1" required>
                 </td>
                 <td class="kc-action-cell">
-                    <button type="button" class="btn btn-default btn-block btn-sm" ng-click="removePolicy($index)">{{:: 'delete' | translate}}</button>
+                    <button class="btn btn-default btn-block btn-sm" ng-click="removePolicy($index)">{{:: 'delete' | translate}}</button>
                 </td>
             </tr>
             </tbody>
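Review bot: Dropping `type="button"` from the delete button changes its default type to `submit`. If this table sits inside a `<form>` (the `required` input above suggests it does, but the form element is outside the hunk), a click will run `removePolicy($index)` and also trigger form submission or browser validation. Unless submitting on delete is intended, keep the explicit attribute: `<button type="button" class="btn btn-default btn-block btn-sm" ng-click="removePolicy($index)">`.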
diff --git a/themes/src/main/resources/theme/keycloak/admin/resources/css/styles.css b/themes/src/main/resources/theme/keycloak/admin/resources/css/styles.css
old mode 100644
new mode 100755