From: <bra...@us...> - 2011-02-06 14:59:46
Revision: 3413 http://archive-access.svn.sourceforge.net/archive-access/?rev=3413&view=rev Author: bradtofel Date: 2011-02-06 14:59:39 +0000 (Sun, 06 Feb 2011) Log Message: ----------- BUGFIX(unreported): was not properly escaping several fields Modified Paths: -------------- trunk/archive-access/projects/wayback/wayback-webapp/src/main/webapp/WEB-INF/query/OpenSearchCaptureResults.jsp Modified: trunk/archive-access/projects/wayback/wayback-webapp/src/main/webapp/WEB-INF/query/OpenSearchCaptureResults.jsp =================================================================== --- trunk/archive-access/projects/wayback/wayback-webapp/src/main/webapp/WEB-INF/query/OpenSearchCaptureResults.jsp 2011-02-06 14:56:37 UTC (rev 3412) +++ trunk/archive-access/projects/wayback/wayback-webapp/src/main/webapp/WEB-INF/query/OpenSearchCaptureResults.jsp 2011-02-06 14:59:39 UTC (rev 3413) @@ -52,12 +52,12 @@ <channel> <title>Wayback OpenSearch Results</title> <link><%= queryPrefix %>></link> - <description><%= fmt.format("PathQueryClassic.searchedFor",searchString) %></description> + <description><%= fmt.format("PathQueryClassic.searchedFor",fmt.escapeHtml(searchString)) %></description> <opensearch:totalResults><%= resultCount %></opensearch:totalResults> <opensearch:startIndex><%= firstResult %></opensearch:startIndex> <opensearch:itemsPerPage><%= shownResultCount %></opensearch:itemsPerPage> <atom:link rel="search" type="application/opensearchdescription+xml" href="<%= staticPrefix %>/opensearchdescription.xml"/> - <opensearch:Query role="request" searchTerms="<%= UIResults.encodeXMLContent(searchTerms) %>" startPage="<%= wbRequest.getPageNum() %>" /> + <opensearch:Query role="request" searchTerms="<%= fmt.escapeHtml(searchTerms) %>" startPage="<%= wbRequest.getPageNum() %>" /> <% while(itr.hasNext()) { %> 
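Review bot: `fmt.escapeHtml` is an HTML escaper, but this template emits an RSS/OpenSearch XML document, and on the `opensearch:Query` line `searchTerms` lands inside a double-quoted attribute. Its implementation is not visible here, so confirm that it escapes `"` as well as `&`, `<` and `>`, and that it never emits HTML-only named entities such as `&nbsp;`, which an XML parser rejects as undefined. The same check covers `replayUrl`, `prettyDate` and `requestUrl` in the next hunk. Separately, the context line `<link><%= queryPrefix %>></link>` still has a stray `>` after the expression and emits `queryPrefix` unescaped. If that prefix can contain `&`, the line probably should read `<link><%= fmt.escapeHtml(queryPrefix) %></link>`.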
@@ -65,14 +65,12 @@ <% CaptureSearchResult result = itr.next(); - String replayUrl = UIResults.encodeXMLEntity( - uiResults.resultToReplayUrl(result)); + String replayUrl = fmt.escapeHtml(uiResults.resultToReplayUrl(result)); - String prettyDate = UIResults.encodeXMLEntity( + String prettyDate = fmt.escapeHtml( fmt.format("MetaReplay.captureDateDisplay",result.getCaptureDate())); - String requestUrl = UIResults.encodeXMLEntity( - wbRequest.getRequestUrl()); + String requestUrl = fmt.escapeHtml(wbRequest.getRequestUrl()); %> <title><%= prettyDate %></title> <link><%= replayUrl %></link> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
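Review bot: The three locals are escaped at assignment, away from the `<%= %>` expressions that emit them, and their names do not show it. Anything that later reuses `replayUrl` or `requestUrl` in another context (an attribute, a query string) or escapes it a second time would produce wrong output. A one-line comment above the assignments would record the contract, e.g. `// XML-escaped for element text only; do not re-escape or reuse in attribute/URL context`. `requestUrl` presumably reflects the caller's request URL and is emitted outside this hunk, so check that the emitting line is element text. The scriptlet and the enclosing `while` loop continue past the end of the hunk.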