diff options
author | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-05-23 01:17:03 +0000 |
---|---|---|
committer | awnuk <awnuk@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-05-23 01:17:03 +0000 |
commit | e06cc3bcdc332357ee4c61433cf170a188bd3f71 (patch) | |
tree | 995a144c0054d37b630917b9ce4be23175c5bcb2 /pki/base/common/src/com/netscape/cms | |
parent | a3e8ca01f6b3a86fc98a1d0554ffddbbd4bec425 (diff) | |
download | pki-e06cc3bcdc332357ee4c61433cf170a188bd3f71.tar.gz pki-e06cc3bcdc332357ee4c61433cf170a188bd3f71.tar.xz pki-e06cc3bcdc332357ee4c61433cf170a188bd3f71.zip |
Bugzilla bug #488303
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@487 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com/netscape/cms')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java | 60 |
1 files changed, 53 insertions, 7 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java index 947ba42a9..e6a5afded 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java +++ b/pki/base/common/src/com/netscape/cms/servlet/common/CMSTemplate.java @@ -364,7 +364,7 @@ public class CMSTemplate extends CMSFile { public static String escapeJavaScriptString(String v) { int l = v.length(); char in[] = new char[l]; - char out[] = new char[l * 2]; + char out[] = new char[l * 4]; int j = 0; v.getChars(0, l, in, 0); @@ -372,11 +372,20 @@ public class CMSTemplate extends CMSFile { for (int i = 0; i < l; i++) { char c = in[i]; - if ((c > 0x23) && (c!= 0x5c)) { + if ((c > 0x23) && (c!= 0x5c) && (c!= 0x3c) && (c!= 0x3e)) { out[j++] = c; continue; } + if ((c == 0x5c) && ((i+1)<l) && (in[i+1] == 'n' || + in[i+1] == 'n' || in[i+1] == 'f' || in[i+1] == 't' || + in[i+1] == '\"' || in[i+1] == '\'' || in[i+1] == '\\')) { + out[j++] = '\\'; + out[j++] = in[i+1]; + i++; + continue; + } + switch (c) { case '\n': out[j++] = '\\'; @@ -403,11 +412,29 @@ public class CMSTemplate extends CMSFile { out[j++] = 'f'; break; + case '\t': + out[j++] = '\\'; + out[j++] = 't'; + break; + + case '<': + out[j++] = '\\'; + out[j++] = 'x'; + out[j++] = '3'; + out[j++] = 'c'; + break; + + case '>': + out[j++] = '\\'; + out[j++] = 'x'; + out[j++] = '3'; + out[j++] = 'e'; + break; + default: out[j++] = c; } } - String ret = new String(out,0,j); return new String(out, 0, j); } @@ -431,6 +458,14 @@ public class CMSTemplate extends CMSFile { continue; } + if ((c == 0x5c) && ((i+1)<l) && (in[i+1] == 'n' || + in[i+1] == 'n' || in[i+1] == 'f' || in[i+1] == 't')) { + out[j++] = '\\'; + out[j++] = in[i+1]; + i++; + continue; + } + switch (c) { case '\n': out[j++] = '\\'; @@ -457,11 +492,22 @@ public class CMSTemplate extends CMSFile { out[j++] = 'f'; break; - case '<': - out[j++] = '&'; - out[j++] = 'l'; + case '\t': + out[j++] = '\\'; out[j++] = 't'; - out[j++] = ';'; + break; + + case '<': + out[j++] = '\\'; + out[j++] = 'x'; + out[j++] = '3'; + out[j++] = 'c'; + break; + case '>': + out[j++] = '\\'; + out[j++] = 'x'; + out[j++] = '3'; + out[j++] = 'e'; break; default: |