You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@juddi.apache.org by tc...@apache.org on 2009/04/17 21:56:44 UTC

svn commit: r766128 - /webservices/juddi/trunk/juddi-web/src/main/webapp/happyjuddi.jsp

Author: tcunning
Date: Fri Apr 17 19:56:44 2009
New Revision: 766128

URL: http://svn.apache.org/viewvc?rev=766128&view=rev
Log:
Escape dsname parameter.

Modified:
    webservices/juddi/trunk/juddi-web/src/main/webapp/happyjuddi.jsp

Modified: webservices/juddi/trunk/juddi-web/src/main/webapp/happyjuddi.jsp
URL: http://svn.apache.org/viewvc/webservices/juddi/trunk/juddi-web/src/main/webapp/happyjuddi.jsp?rev=766128&r1=766127&r2=766128&view=diff
==============================================================================
--- webservices/juddi/trunk/juddi-web/src/main/webapp/happyjuddi.jsp (original)
+++ webservices/juddi/trunk/juddi-web/src/main/webapp/happyjuddi.jsp Fri Apr 17 19:56:44 2009
@@ -12,7 +12,8 @@
                  java.util.TreeSet,
                  javax.naming.Context,
                  javax.naming.InitialContext,
-                 javax.sql.DataSource,
+                 javax.sql.DataSource,
+		 org.apache.taglibs.standard.tag.common.core.Util,
                  org.apache.juddi.registry.RegistryServlet,
                  org.apache.juddi.registry.RegistryEngine"
 %>
@@ -245,7 +246,7 @@
   
   try
   {
-    dsname = request.getParameter("dsname");
+    dsname = Util.escapeXml(request.getParameter("dsname"));
     if ((dsname == null) || (dsname.trim().length() == 0))
       dsname = "java:comp/env/jdbc/juddiDB";
     
@@ -350,4 +351,4 @@
 
 </div>
 </body>
-</html>
\ No newline at end of file
+</html>



---------------------------------------------------------------------
To unsubscribe, e-mail: juddi-cvs-unsubscribe@ws.apache.org
For additional commands, e-mail: juddi-cvs-help@ws.apache.org