Glen,

When I do a search containing an ampersand, Roller does not show the
returned text correctly.

eg

b&z

actually returns: b&amp;amp;z

which renders as b&amp;z

It should return b&amp;z with no second ampersand for it to render
correctly.

Checking the method getTerm(), it does a double escape, where the
StringEscapeUtils.escapeXml(..) adds the extra amp; causing it not to show
correctly:

SearchResultsModel():

    public String getTerm() {
        String query = searchRequest.getQuery();
        return (query == null)
            ? "" : StringEscapeUtils.escapeXml(Utilities.escapeHTML(query));
    }

Do we need the double escape? For XSS?  StringEscapeUtils.escapeXml() or
how do we make it render correctly?


Cheers Greg.
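
The double escape asked about above, as an added example that is not part of the original message or of Roller's code. escapeOnce() is a hypothetical stand-in for a single escaping pass (it does not reproduce Utilities.escapeHTML or StringEscapeUtils.escapeXml), renderOnce() models a browser decoding entities once, and the sample queries are constructed. It shows that one pass already leaves no raw markup characters, while a second pass only changes what is displayed.

```java
import java.util.List;

// Added example, not Roller code. escapeOnce() is a hypothetical stand-in for
// a single HTML/XML escaping pass such as the ones getTerm() chains together.
public class DoubleEscapeDemo {

    // One escaping pass over the five markup-significant characters.
    static String escapeOnce(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&': out.append("&amp;"); break;
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '"': out.append("&quot;"); break;
                case '\'': out.append("&#39;"); break;
                default: out.append(c);
            }
        }
        return out.toString();
    }

    // What a browser displays: entity references decoded exactly once.
    static String renderOnce(String markup) {
        return markup.replace("&lt;", "<").replace("&gt;", ">")
                     .replace("&quot;", "\"").replace("&#39;", "'")
                     .replace("&amp;", "&"); // '&' last keeps decoding single-level
    }

    public static void main(String[] args) {
        // Constructed sample queries: the term from the message and a markup probe.
        for (String q : List.of("b&z", "<script>x</script>")) {
            String once = escapeOnce(q);
            String twice = escapeOnce(once);
            System.out.println("query         : " + q);
            System.out.println("escaped once  : " + once + "  -> displays " + renderOnce(once));
            System.out.println("escaped twice : " + twice + "  -> displays " + renderOnce(twice));
            // One pass already leaves no raw markup characters in the output.
            System.out.println("raw '<' after one pass: " + (once.indexOf('<') >= 0));
            // The visible text matches the query only when escaped exactly once.
            System.out.println("displays as typed (once/twice): "
                + renderOnce(once).equals(q) + "/" + renderOnce(twice).equals(q));
        }
    }
}
```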
