Author: kkolinko Date: Sun May 13 00:15:35 2012 New Revision: 1337745 URL: http://svn.apache.org/viewvc?rev=1337745&view=rev Log: Doh. Pass correct URL to encodeURL() call and safeguard it later.
Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/SessionExample.java Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/SessionExample.java URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/WEB-INF/classes/SessionExample.java?rev=1337745&r1=1337744&r2=1337745&view=diff ============================================================================== --- tomcat/trunk/webapps/examples/WEB-INF/classes/SessionExample.java (original) +++ tomcat/trunk/webapps/examples/WEB-INF/classes/SessionExample.java Sun May 13 00:15:35 2012 @@ -129,7 +129,7 @@ public class SessionExample extends Http out.println("</form>"); out.print("<p><a href=\""); - out.print(response.encodeURL("SessionExample?dataname=foo&datavalue=bar")); + out.print(HTMLFilter.filter(response.encodeURL("SessionExample?dataname=foo&datavalue=bar"))); out.println("\" >URL encoded </a>"); out.println("</body>"); --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org