summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/common
diff options
context:
space:
mode:
authoralee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2009-04-10 18:48:56 +0000
committeralee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2009-04-10 18:48:56 +0000
commit069c6d0dcfdf06660a7984d12bc3afb07d272373 (patch)
treecf03ad5632bcf14085d983784060898ce5091917 /pki/base/common/src/com/netscape/cms/servlet/common
parent3ea60be8a53cbe26857bb0843368c7f4b38ffb36 (diff)
downloadpki-069c6d0dcfdf06660a7984d12bc3afb07d272373.tar.gz
pki-069c6d0dcfdf06660a7984d12bc3afb07d272373.tar.xz
pki-069c6d0dcfdf06660a7984d12bc3afb07d272373.zip
Bugzilla Bug #223353 - Values entered through web ui are not checked/escaped
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@381 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/common')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java3
1 files changed, 2 insertions, 1 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
index 8d6166dbd..947ba42a9 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java
@@ -372,7 +372,7 @@ public class CMSTemplate extends CMSFile {
for (int i = 0; i < l; i++) {
char c = in[i];
- if (c > 0x23) {
+ if ((c > 0x23) && (c!= 0x5c)) {
out[j++] = c;
continue;
}
@@ -407,6 +407,7 @@ public class CMSTemplate extends CMSFile {
out[j++] = c;
}
}
+ String ret = new String(out,0,j);
return new String(out, 0, j);
}
generated by cgit (git 2.34.1) at 2024-09-23 15:55:25 +0000