svn commit: r528514 - /roller/branches/roller_2.3/web/WEB-INF/classes/comments.vm

Fri, 13 Apr 2007 08:01:13 -0700 

Author: snoopdave
Date: Fri Apr 13 08:00:52 2007
New Revision: 528514

URL: http://svn.apache.org/viewvc?view=rev&rev=528514
Log:
Adding HTML escape for comment textarea

Modified:
    roller/branches/roller_2.3/web/WEB-INF/classes/comments.vm

Modified: roller/branches/roller_2.3/web/WEB-INF/classes/comments.vm
URL: 
http://svn.apache.org/viewvc/roller/branches/roller_2.3/web/WEB-INF/classes/comments.vm?view=diff&rev=528514&r1=528513&r2=528514
==============================================================================
--- roller/branches/roller_2.3/web/WEB-INF/classes/comments.vm (original)
+++ roller/branches/roller_2.3/web/WEB-INF/classes/comments.vm Fri Apr 13 
08:00:52 2007
@@ -232,7 +232,7 @@
         <tr><th style="text-align: left">$text.get( "macro.weblog.yourcomment" 
)</th></tr>
         <tr>
             <td>
-            <textarea name="content" cols="50" 
rows="10">$commentForm.content</textarea><br />
+            <textarea name="content" cols="50" 
rows="10">$utilities.escapeHTML($commentForm.content)</textarea><br />
             <span class="comments-syntax-indicator">
             $text.get( "macro.weblog.htmlsyntax" )
             #if( $escapeHtml )

Reply via email to