Update of /var/cvs/html/mmbase/admin
In directory james.mmbase.org:/tmp/cvs-serv31345
Modified Files:
index.jsp
Log Message:
values directly acquired by EL, are, sadly, not automaticly correctly escaped
See also: http://cvs.mmbase.org/viewcvs/html/mmbase/admin
Index: index.jsp
===================================================================
RCS file: /var/cvs/html/mmbase/admin/index.jsp,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -b -r1.30 -r1.31
--- index.jsp 23 Apr 2008 08:09:43 -0000 1.30
+++ index.jsp 23 Apr 2008 08:10:16 -0000 1.31
@@ -90,7 +90,7 @@
</div>
<div id="content">
<c:catch var="exception">
- <h2 class="top">${mm:string('text/xml',
mm:string(blockObject.title))}</h2>
+ <h2 class="top">${mm:escape('text/xml',
mm:string(blockObject.title))}</h2>
<mm:component debug="xml" name="$component" block="${block}">
<mm:frameworkparam
name="category">${category}</mm:frameworkparam>
</mm:component>
_______________________________________________
Cvs mailing list
[email protected]
http://lists.mmbase.org/mailman/listinfo/cvs
