You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@wookie.apache.org by sc...@apache.org on 2011/04/04 13:06:28 UTC
svn commit: r1088556 -
/incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetInstanceHelper.java
Author: scottbw
Date: Mon Apr 4 11:06:27 2011
New Revision: 1088556
URL: http://svn.apache.org/viewvc?rev=1088556&view=rev
Log:
Make sure widget titles are escaped when returning XML for widget instances
Modified:
incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetInstanceHelper.java
Modified: incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetInstanceHelper.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetInstanceHelper.java?rev=1088556&r1=1088555&r2=1088556&view=diff
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetInstanceHelper.java (original)
+++ incubator/wookie/trunk/src/org/apache/wookie/helpers/WidgetInstanceHelper.java Mon Apr 4 11:06:27 2011
@@ -13,6 +13,7 @@
*/
package org.apache.wookie.helpers;
+import org.apache.commons.lang.StringEscapeUtils;
import org.apache.wookie.beans.IWidget;
import org.apache.wookie.beans.IWidgetInstance;
import org.apache.wookie.w3c.IW3CXMLConfiguration;
@@ -47,7 +48,7 @@ public class WidgetInstanceHelper {
xml += "<widgetdata>"; //$NON-NLS-1$
xml += "\t<url>"+url+"</url>"; //$NON-NLS-1$ //$NON-NLS-2$
xml += "\t<identifier>"+instance.getIdKey()+"</identifier>\n"; //$NON-NLS-1$ //$NON-NLS-2$
- xml += "\t<title>"+widget.getWidgetTitle(locale)+"</title>\n"; //$NON-NLS-1$ //$NON-NLS-2$
+ xml += "\t<title>"+StringEscapeUtils.escapeXml(widget.getWidgetTitle(locale))+"</title>\n"; //$NON-NLS-1$ //$NON-NLS-2$
xml += "\t<height>"+height+"</height>\n"; //$NON-NLS-1$ //$NON-NLS-2$
xml += "\t<width>"+width+"</width>\n"; //$NON-NLS-1$ //$NON-NLS-2$
xml += "</widgetdata>"; //$NON-NLS-1$