You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@roller.apache.org by sn...@apache.org on 2013/05/25 22:46:07 UTC

svn commit: r1486362 - /roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java

Author: snoopdave
Date: Sat May 25 20:46:07 2013
New Revision: 1486362

URL: http://svn.apache.org/r1486362
Log:
Don't attempt to sanitize null fields

Modified:
    roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java

Modified: roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java
URL: http://svn.apache.org/viewvc/roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java?rev=1486362&r1=1486361&r2=1486362&view=diff
==============================================================================
--- roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java (original)
+++ roller/trunk/weblogger-business/src/main/java/org/apache/roller/weblogger/util/HTMLSanitizer.java Sat May 25 20:46:07 2013
@@ -86,7 +86,7 @@ public class HTMLSanitizer {
 
 	public static String conditionallySanitize(String ret) {
 		// if XSS is enabled then sanitize HTML
-		if (xssEnabled) {
+		if (xssEnabled && ret != null) {
 			ret = HTMLSanitizer.sanitize(ret);
 		}
 		return ret;