You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@wookie.apache.org by sc...@apache.org on 2011/04/01 16:50:32 UTC
svn commit: r1087725 -
/incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetHelper.java
Author: scottbw
Date: Fri Apr 1 14:50:31 2011
New Revision: 1087725
URL: http://svn.apache.org/viewvc?rev=1087725&view=rev
Log:
Escape XML output for things like widget names to remove angle brackets etc.
Modified:
incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetHelper.java
Modified: incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetHelper.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetHelper.java?rev=1087725&r1=1087724&r2=1087725&view=diff
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetHelper.java (original)
+++ incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetHelper.java Fri Apr 1 14:50:31 2011
@@ -16,6 +16,7 @@ package org.apache.wookie.helpers;
import java.net.MalformedURLException;
import java.net.URL;
+import org.apache.commons.lang.StringEscapeUtils;
import org.apache.wookie.beans.IDescription;
import org.apache.wookie.beans.ILicense;
import org.apache.wookie.beans.IName;
@@ -124,7 +125,7 @@ public class WidgetHelper {
if (license.getLang()!=null) out+=" xml:lang=\""+license.getLang()+"\"";
if (license.getHref()!=null) out+=" href=\""+license.getHref()+"\"";
if (license.getDir()!=null) out+=" dir=\""+license.getDir()+"\"";
- out+=">"+license.getText()+"</license>\n";
+ out+=">"+StringEscapeUtils.escapeXml(license.getText())+"</license>\n";
}
return out;
}
@@ -148,9 +149,9 @@ public class WidgetHelper {
}
String out = "\t\t<title ";
if (name != null && name.getDir()!=null) out+=" dir=\""+name.getDir()+"\"";
- if (shortName != null) out +=" short=\""+shortName + "\"";
+ if (shortName != null) out +=" short=\""+StringEscapeUtils.escapeXml(shortName) + "\"";
out +=">";
- if(longName != null) out += longName;
+ if(longName != null) out += StringEscapeUtils.escapeXml(longName);
out += "</title>\n";
return out;
}
@@ -161,7 +162,7 @@ public class WidgetHelper {
String out = "\t\t<description";
if (desc!= null && desc.getDir()!=null) out+=" dir=\""+desc.getDir()+"\"";
out += ">";
- if (desc != null) out += desc.getContent();
+ if (desc != null) out += StringEscapeUtils.escapeXml(desc.getContent());
out += "</description>\n";
return out;
}