[pal-cvs 3217] [954] escaped a display name and description.

svnno****@sourc***** svnno****@sourc*****
2008年 6月 5日 (木) 08:57:19 JST


Revision: 954
          http://svn.sourceforge.jp/cgi-bin/viewcvs.cgi?root=pal&view=rev&rev=954
Author:   shinsuke
Date:     2008-06-05 08:57:19 +0900 (Thu, 05 Jun 2008)

Log Message:
-----------
escaped a display name and description.

Modified Paths:
--------------
    pal-portal/branches/pal-portal-1.x/portal/jetspeed-2/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java


-------------- next part --------------
Modified: pal-portal/branches/pal-portal-1.x/portal/jetspeed-2/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java
===================================================================
--- pal-portal/branches/pal-portal-1.x/portal/jetspeed-2/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java	2008-06-04 22:40:39 UTC (rev 953)
+++ pal-portal/branches/pal-portal-1.x/portal/jetspeed-2/components/portal/src/java/org/apache/jetspeed/layout/impl/GetPortletsAction.java	2008-06-04 23:57:19 UTC (rev 954)
@@ -25,6 +25,7 @@
 import java.util.Locale;
 import java.util.Map;
 
+import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.jetspeed.JetspeedActions;
@@ -165,9 +166,10 @@
                 {
                     image = "images/portlets/applications-internet.png";
                 }
-                list.add(new PortletInfo(uniqueName, portlet
-                        .getDisplayNameText(locale), portlet
-                        .getDescriptionText(locale), image));
+                list.add(new PortletInfo(uniqueName, StringEscapeUtils
+                        .escapeHtml(portlet.getDisplayNameText(locale)),
+                        StringEscapeUtils.escapeHtml(portlet
+                                .getDescriptionText(locale)), image));
             }
         }
         Collections.sort(list, this);


pal-cvs メーリングリストの案内