You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@felix.apache.org by cz...@apache.org on 2015/01/05 13:54:56 UTC

svn commit: r1649518 - /felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/ServicesServlet.java

Author: cziegeler
Date: Mon Jan  5 12:54:56 2015
New Revision: 1649518

URL: http://svn.apache.org/r1649518
Log:
FELIX-4746 : Escape outputting filter parameter in service servlet

Modified:
    felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/ServicesServlet.java

Modified: felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/ServicesServlet.java
URL: http://svn.apache.org/viewvc/felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/ServicesServlet.java?rev=1649518&r1=1649517&r2=1649518&view=diff
==============================================================================
--- felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/ServicesServlet.java (original)
+++ felix/trunk/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/ServicesServlet.java Mon Jan  5 12:54:56 2015
@@ -416,7 +416,7 @@ public class ServicesServlet extends Sim
         vars.put( "bundlePath", appRoot +  "/" + BundlesServlet.NAME + "/" );
         vars.put( "drawDetails", String.valueOf(reqInfo.serviceRequested));
         vars.put( "__data__", w.toString() );
-        vars.put( "filter", filter == null ? "" : filter);
+        vars.put( "filter", filter == null ? "" : WebConsoleUtil.escapeHtml(filter));
 
         response.getWriter().print( TEMPLATE );
     }