You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by sn...@apache.org on 2013/05/25 22:46:07 UTC
svn commit: r1486362 -
/roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java
Author: snoopdave
Date: Sat May 25 20:46:07 2013
New Revision: 1486362
URL: http://svn.apache.org/r1486362
Log:
Don't attempt to sanitize null fields
Modified:
roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java
Modified: roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java
URL: http://svn.apache.org/viewvc/roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java?rev=1486362&r1=1486361&r2=1486362&view=diff
==============================================================================
--- roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java (original)
+++ roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java Sat May 25 20:46:07 2013
@@ -86,7 +86,7 @@ public class HTMLSanitizer {
public static String conditionallySanitize(String ret) {
// if XSS is enabled then sanitize HTML
- if (xssEnabled) {
+ if (xssEnabled && ret != null) {
ret = HTMLSanitizer.sanitize(ret);
}
return ret;