You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@click.apache.org by sa...@apache.org on 2011/04/24 16:46:04 UTC

svn commit: r1096326 - /click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java

Author: sabob
Date: Sun Apr 24 14:46:03 2011
New Revision: 1096326

URL: http://svn.apache.org/viewvc?rev=1096326&view=rev
Log:
escape query parameters. CLK-762

Modified:
    click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java

Modified: click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java
URL: http://svn.apache.org/viewvc/click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java?rev=1096326&r1=1096325&r2=1096326&view=diff
==============================================================================
--- click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java (original)
+++ click/trunk/click/framework/src/org/apache/click/util/ErrorReport.java Sun Apr 24 14:46:03 2011
@@ -286,7 +286,8 @@ public class ErrorReport {
         buffer.append("</td></tr>");
 
         buffer.append("<tr><td width='12%'><b>Query</b></td><td>");
-        buffer.append(request.getQueryString());
+        String escapedQueryString = ClickUtils.escape(request.getQueryString());
+        buffer.append(escapedQueryString);
         buffer.append("</td></tr>");
 
         buffer.append("<tr><td width='12%'><b>Method</b></td><td>");