Author: ashish
Date: Thu Nov 18 13:08:09 2010
New Revision: 1036445
URL:
http://svn.apache.org/viewvc?rev=1036445&view=revLog:
Reverting my recent changes. As it is not good practice to put html content in order notes. Malicious code can be put in this field by end user and it can get executed while rendering order view page. Thanks Scott for the comments.
Modified:
ofbiz/branches/release10.04/applications/order/webapp/ordermgr/order/ordernotes.ftl
Modified: ofbiz/branches/release10.04/applications/order/webapp/ordermgr/order/ordernotes.ftl
URL:
http://svn.apache.org/viewvc/ofbiz/branches/release10.04/applications/order/webapp/ordermgr/order/ordernotes.ftl?rev=1036445&r1=1036444&r2=1036445&view=diff==============================================================================
--- ofbiz/branches/release10.04/applications/order/webapp/ordermgr/order/ordernotes.ftl (original)
+++ ofbiz/branches/release10.04/applications/order/webapp/ordermgr/order/ordernotes.ftl Thu Nov 18 13:08:09 2010
@@ -44,7 +44,7 @@ under the License.
<div> <span class="label">${uiLabelMap.CommonAt}</span> ${note.noteDateTime?string?if_exists}</div>
</td>
<td valign="top" width="50%">
- ${StringUtil.wrapString(note.noteInfo?if_exists)}
+ ${note.noteInfo?if_exists}
</td>
<td align="right" valign="top" width="15%">
<#if note.internalNote?if_exists == "N">
Locked
