You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@click.apache.org by sa...@apache.org on 2011/04/24 16:46:04 UTC
svn commit: r1096326 -
/click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java
Author: sabob
Date: Sun Apr 24 14:46:03 2011
New Revision: 1096326
URL: http://svn.apache.org/viewvc?rev=1096326&view=rev
Log:
escape query parameters. CLK-762
Modified:
click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java
Modified: click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java
URL: http://svn.apache.org/viewvc/click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java?rev=1096326&r1=1096325&r2=1096326&view=diff
==============================================================================
--- click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java (original)
+++ click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java Sun Apr 24 14:46:03 2011
@@ -286,7 +286,8 @@ public class ErrorReport {
buffer.append("</td></tr>");
buffer.append("<tr><td width='12%'><b>Query</b></td><td>");
- buffer.append(request.getQueryString());
+ String escapedQueryString = ClickUtils.escape(request.getQueryString());
+ buffer.append(escapedQueryString);
buffer.append("</td></tr>");
buffer.append("<tr><td width='12%'><b>Method</b></td><td>");