Author: ahart
Date: Mon Dec 12 23:46:24 2011
New Revision: 1213500

URL: http://svn.apache.org/viewvc?rev=1213500&view=rev
Log:
resolve OODT-364: patch XSS hole via call to htmlentities()

Modified:
    oodt/trunk/balance/lib/pear/Core/ApplicationRequest.class.php

Modified: oodt/trunk/balance/lib/pear/Core/ApplicationRequest.class.php
URL: http://svn.apache.org/viewvc/oodt/trunk/balance/lib/pear/Core/ApplicationRequest.class.php?rev=1213500&r1=1213499&r2=1213500&view=diff
==============================================================================
--- oodt/trunk/balance/lib/pear/Core/ApplicationRequest.class.php (original)
+++ oodt/trunk/balance/lib/pear/Core/ApplicationRequest.class.php Mon Dec 12 
23:46:24 2011
@@ -59,7 +59,7 @@ class Org_Apache_Oodt_Balance_Core_Appli
                $this->config = $config;
                
                // Store the uri as provided
-               $this->uri = $requestURI;
+               $this->uri = htmlentities($requestURI);
                
                // Initialize the segments and view path
                $this->segments = array();
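
Review bot: On the changed assignment, htmlentities($requestURI) is called with no flags or charset, and the encoded value is stored, so the comment above it ("Store the uri as provided") is no longer true. With the default ENT_COMPAT flag, single quotes are left unencoded, which still matters if $this->uri is ever echoed into a single-quoted attribute. The default charset also depends on the PHP version. Suggest htmlentities($requestURI, ENT_QUOTES, 'UTF-8') at minimum. Because encoding happens at storage time, any code that reads $this->uri for non-HTML purposes (the segment and view path initialisation directly below is a candidate) will now see entity-encoded text such as &amp;. Consider keeping the raw URI in the object and escaping where it is written into HTML, or update the comment to state that $this->uri holds an HTML-encoded value.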

