You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@roller.apache.org by sn...@apache.org on 2008/12/30 04:07:57 UTC

svn commit: r730037 - /roller/branches/roller_4.0/apps/weblogger/web/WEB-INF/velocity/feeds.vm

Author: snoopdave
Date: Mon Dec 29 19:07:57 2008
New Revision: 730037

URL: http://svn.apache.org/viewvc?rev=730037&view=rev
Log:
Fix for ROL-1642
https://issues.apache.org/roller/browse/ROL-1642

Modified:
    roller/branches/roller_4.0/apps/weblogger/web/WEB-INF/velocity/feeds.vm

Modified: roller/branches/roller_4.0/apps/weblogger/web/WEB-INF/velocity/feeds.vm
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.0/apps/weblogger/web/WEB-INF/velocity/feeds.vm?rev=730037&r1=730036&r2=730037&view=diff
==============================================================================
--- roller/branches/roller_4.0/apps/weblogger/web/WEB-INF/velocity/feeds.vm (original)
+++ roller/branches/roller_4.0/apps/weblogger/web/WEB-INF/velocity/feeds.vm Mon Dec 29 19:07:57 2008
@@ -95,7 +95,7 @@
         <link rel="alternate" type="text/html" href="${comment.weblogEntry.permalink}#comment-${comment.timestamp}"/>
         <published>$utils.formatIso8601Date($comment.postTime)</published>
         <updated>$utils.formatIso8601Date($comment.postTime)</updated> 
-        <content type="html">$comment.content</content>
+        <content type="html">$utils.escapeXML($comment.content)</content>
     </entry>
     #end
 #end
@@ -107,7 +107,7 @@
         <title>Re: $utils.escapeXML($comment.weblogEntry.title)</title>
         <dc:creator>$utils.escapeXML($utils.removeHTML($comment.name))</dc:creator>
         <pubDate>$utils.formatRfc822Date($comment.postTime)</pubDate>
-        <description>$comment.content</description>
+        <description>$utils.escapeXML($comment.content)</description>
     </item>
     #end
 #end