svn commit: r789509 - in /ofbiz/branches/release09.04: ./ applications/accounting/servic
Locked
 
|
Author: hansbak
Date: Tue Jun 30 00:37:03 2009 New Revision: 789509 URL: http://svn.apache.org/viewvc?rev=789509&view=rev Log: Applied fix from trunk for revision: 789506 only allow 'safe' in in/outgoing email Modified: ofbiz/branches/release09.04/ (props changed) ofbiz/branches/release09.04/applications/accounting/servicedef/services_invoice.xml ofbiz/branches/release09.04/framework/common/servicedef/services_email.xml Propchange: ofbiz/branches/release09.04/ ------------------------------------------------------------------------------ --- svn:mergeinfo (original) +++ svn:mergeinfo Tue Jun 30 00:37:03 2009 @@ -1 +1 @@ -/ofbiz/trunk:765933,766011,766015,766293,766307,766316,766325,766462,766522,766800,767060,767072,767093,767098-767099,767102,767123,767125,767127,767279,767287,767671,767688,767694,767822,767845,768358,768490,768550,768675,768686,768705,768811,768815,768960,769030,769500,770272,770997,771073,772401,772464-772465,773076,773557,773628,773659,773697,774014,774632,774661,774995,775292,775667,776227,776594,776620,776922,777004,777020,777768,777792,777893,777947,778078,778094,778107,778278,778280,778364,778374,778402,778576,778594,778628,779020,779477,779496,779639,779834,779856,779866,779873,780111,780138,780180,780199,780203,780906,780945,781201,781534,781549,781669,781680,781694,782663,783257,783266,783833,783913,783917,785123,785764,785967,786778,787126,787435-787436,787442,787520,788965,788983,788987,789329,789337 +/ofbiz/trunk:765933,766011,766015,766293,766307,766316,766325,766462,766522,766800,767060,767072,767093,767098-767099,767102,767123,767125,767127,767279,767287,767671,767688,767694,767822,767845,768358,768490,768550,768675,768686,768705,768811,768815,768960,769030,769500,770272,770997,771073,772401,772464-772465,773076,773557,773628,773659,773697,774014,774632,774661,774995,775292,775667,776227,776594,776620,776922,777004,777020,777768,777792,777893,777947,778078,778094,778107,778278,778280,778364,778374,778402,778576,778594,778628,779020,779477,779496,779639,779834,779856,779866,779873,780111,780138,780180,780199,780203,780906,780945,781201,781534,781549,781669,781680,781694,782663,783257,783266,783833,783913,783917,785123,785764,785967,786778,787126,787435-787436,787442,787520,788965,788983,788987,789329,789337,789506 Modified: ofbiz/branches/release09.04/applications/accounting/servicedef/services_invoice.xml URL: http://svn.apache.org/viewvc/ofbiz/branches/release09.04/applications/accounting/servicedef/services_invoice.xml?rev=789509&r1=789508&r2=789509&view=diff ============================================================================== --- ofbiz/branches/release09.04/applications/accounting/servicedef/services_invoice.xml (original) +++ ofbiz/branches/release09.04/applications/accounting/servicedef/services_invoice.xml Tue Jun 30 00:37:03 2009 @@ -247,7 +247,7 @@ <attribute name="sendTo" type="String" mode="IN" optional="false"/> <attribute name="sendCc" type="String" mode="IN" optional="true"/> <attribute name="subject" type="String" mode="IN" optional="true"/> - <attribute name="bodyText" type="String" mode="IN" optional="true" allow-html="any"/> + <attribute name="bodyText" type="String" mode="IN" optional="true" allow-html="safe"/> <attribute name="other" type="String" mode="IN" optional="true"/><!-- to send the invoice in the 'other' currency (y) --> </service> <service name="checkInvoicePaymentApplications" engine="java" Modified: ofbiz/branches/release09.04/framework/common/servicedef/services_email.xml URL: http://svn.apache.org/viewvc/ofbiz/branches/release09.04/framework/common/servicedef/services_email.xml?rev=789509&r1=789508&r2=789509&view=diff ============================================================================== --- ofbiz/branches/release09.04/framework/common/servicedef/services_email.xml (original) +++ ofbiz/branches/release09.04/framework/common/servicedef/services_email.xml Tue Jun 30 00:37:03 2009 @@ -46,7 +46,7 @@ <description>Send E-Mail Service. partyId and communicationEventId aren't used by sendMail but are passed down to storeEmailAsCommunication during the SECA chain. See sendMailInterface for more comments.</description> <implements service="sendMailInterface"/> - <attribute name="body" type="String" mode="INOUT" optional="false" allow-html="any"/> + <attribute name="body" type="String" mode="INOUT" optional="false" allow-html="safe"/> <attribute name="communicationEventId" type="String" mode="INOUT" optional="true"/> <override name="contentType" mode="INOUT"/> <override name="subject" mode="INOUT" optional="false"/> @@ -65,16 +65,16 @@ location="org.ofbiz.common.email.EmailServices" invoke="sendMailFromUrl"> <description>Send E-Mail From URL Service</description> <implements service="sendMailInterface"/> - <attribute name="bodyUrl" type="String" mode="IN" optional="false" allow-html="any"/> + <attribute name="bodyUrl" type="String" mode="IN" optional="false"/> <attribute name="bodyUrlParameters" type="Map" mode="IN" optional="true"/> - <attribute name="body" type="String" mode="OUT" optional="false" allow-html="any"/> + <attribute name="body" type="String" mode="OUT" optional="false" allow-html="safe"/> </service> <service name="sendMailFromScreen" max-retry="3" engine="java" location="org.ofbiz.common.email.EmailServices" invoke="sendMailFromScreen"> <description>Send E-Mail From Screen Widget Service</description> <implements service="sendMailInterface"/> - <attribute name="bodyText" type="String" mode="IN" optional="true" allow-html="any"/> - <attribute name="bodyScreenUri" type="String" mode="IN" optional="true" allow-html="any"/> + <attribute name="bodyText" type="String" mode="IN" optional="true" allow-html="safe"/> + <attribute name="bodyScreenUri" type="String" mode="IN" optional="true"/> <attribute name="xslfoAttachScreenLocation" type="String" mode="IN" optional="true"/> <attribute name="attachmentName" type="String" mode="IN" optional="true"/> <attribute name="bodyParameters" type="Map" mode="IN" optional="true"/> @@ -87,7 +87,7 @@ <implements service="sendMailInterface"/> <attribute name="emailTemplateSettingId" type="String" mode="IN" optional="false"/> <attribute name="partyIdTo" type="String" mode="IN" optional="true"/> - <attribute name="bodyText" type="String" mode="IN" optional="true" allow-html="any"/> + <attribute name="bodyText" type="String" mode="IN" optional="true" allow-html="safe"/> <attribute name="attachmentName" type="String" mode="IN" optional="true"/> <attribute name="bodyParameters" type="Map" mode="IN" optional="true"/> <attribute name="webSiteId" type="String" mode="IN" optional="true"/> @@ -98,8 +98,8 @@ location="" invoke=""> <description>Send Template Based Notification Service</description> <implements service="sendMailInterface"/> - <attribute name="body" type="String" mode="INOUT" optional="true" allow-html="any"/> - <attribute name="baseUrl" type="String" mode="IN" optional="true" allow-html="any"/> + <attribute name="body" type="String" mode="INOUT" optional="true" allow-html="safe"/> + <attribute name="baseUrl" type="String" mode="IN" optional="true" allow-html="safe"/> <attribute name="templateName" type="String" mode="IN" optional="false"/> <attribute name="templateData" type="Map" mode="IN" optional="true"/> <attribute name="webSiteId" type="String" mode="IN" optional="true"/> @@ -108,7 +108,7 @@ location="" invoke=""> <description>Send Template Based Notification Service</description> <implements service="prepareNotificationInterface"/> - <attribute name="body" type="String" mode="IN" optional="true" allow-html="any"/> + <attribute name="body" type="String" mode="IN" optional="true" allow-html="safe"/> <attribute name="templateName" type="String" mode="IN" optional="false"/> <attribute name="templateData" type="Map" mode="IN" optional="true"/> <attribute name="webSiteId" type="String" mode="IN" optional="true"/> |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |