Re: [YaCy-svn] r4393 - trunk/htroot/xml/bookmarks/posts

Wed, 27 Feb 2008 11:38:51 -0800 

On Thu, Jan 24, 2008 at 10:02 PM, apfelmaennchen at BerliOS
<[EMAIL PROTECTED]> wrote:
[...]
>  Log:
>  UTF-8
>
>  Modified: trunk/htroot/xml/bookmarks/posts/get.java
>  ===================================================================
>  --- trunk/htroot/xml/bookmarks/posts/get.java   2008-01-24 21:01:37 UTC (rev 
> 4392)
>  +++ trunk/htroot/xml/bookmarks/posts/get.java   2008-01-24 21:02:27 UTC (rev 
> 4393)
>  @@ -72,8 +72,8 @@
>                      tag==null || bookmark.getTags().contains(tag) &&
>                      isAdmin || bookmark.getPublic()){
>                  prop.put("posts_"+count+"_url", bookmark.getUrl());
>  -                prop.putHTML("posts_"+count+"_title", bookmark.getTitle());
>  -                prop.putHTML("posts_"+count+"_description", 
> bookmark.getDescription());
>  +                prop.put("posts_"+count+"_title", bookmark.getTitle());
>  +                prop.put("posts_"+count+"_description", 
> bookmark.getDescription());

Sorry, war 'ne Weile offline, deswegen erst jetzt:

Was genau war das UTF-8-Problem hier? Dieser Patch (und auch ähnliche
in anderen Commits) öffnet diesen Code möglicherweise für Cross Site
Scripting Attacken.


Gruß
Fuchs
_______________________________________________
YaCy-svn mailing list
[email protected]
https://lists.berlios.de/mailman/listinfo/yacy-svn

Antwort per Email an