Author: jleroux
Date: Mon Oct 26 18:05:58 2009
New Revision: 829884
URL:
http://svn.apache.org/viewvc?rev=829884&view=revLog:
StringUtil.wrapString around searchParams. Fix an issue introduced with security
Modified:
ofbiz/trunk/applications/product/config/ProductUiLabels.xml
ofbiz/trunk/applications/product/webapp/catalog/find/keywordsearchactions.ftl
Modified: ofbiz/trunk/applications/product/config/ProductUiLabels.xml
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/config/ProductUiLabels.xml?rev=829884&r1=829883&r2=829884&view=diff==============================================================================
--- ofbiz/trunk/applications/product/config/ProductUiLabels.xml (original)
+++ ofbiz/trunk/applications/product/config/ProductUiLabels.xml Mon Oct 26 18:05:58 2009
@@ -15589,7 +15589,7 @@
<value xml:lang="de">Normale Suchparameter</value>
<value xml:lang="en">Plain Search Parameters</value>
<value xml:lang="es">Parámetros de búsqueda habituales</value>
- <value xml:lang="fr">Paramètres de recherche ordinaire</value>
+ <value xml:lang="fr">Paramètres de recherche ordinaire </value>
<value xml:lang="it">Parametri di Ricerca</value>
<value xml:lang="th">à¸à¸±à¸§à¹à¸à¸£à¸à¸²à¸£à¸à¹à¸à¸«à¸²à¸à¸¶à¹à¸à¹à¸¡à¹à¸à¸±à¸à¸à¹à¸à¸</value>
<value xml:lang="zh">ç®åæç´¢åæ°</value>
Modified: ofbiz/trunk/applications/product/webapp/catalog/find/keywordsearchactions.ftl
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/applications/product/webapp/catalog/find/keywordsearchactions.ftl?rev=829884&r1=829883&r2=829884&view=diff==============================================================================
--- ofbiz/trunk/applications/product/webapp/catalog/find/keywordsearchactions.ftl (original)
+++ ofbiz/trunk/applications/product/webapp/catalog/find/keywordsearchactions.ftl Mon Oct 26 18:05:58 2009
@@ -110,9 +110,9 @@
<div>
<form method="post" action="" name="searchShowParams">
<#assign searchParams = Static["org.ofbiz.product.product.ProductSearchSession"].makeSearchParametersString(session)>
- <span class="label">${uiLabelMap.ProductPlainSearchParameters}:</span><input type="text" size="60" name="searchParameters" value="${searchParams}">
+ <span class="label">${uiLabelMap.ProductPlainSearchParameters}:</span><input type="text" size="60" name="searchParameters" value="${StringUtil.wrapString(searchParams)}">
<br/>
- <span class="label">${uiLabelMap.ProductHtmlSearchParameters}:</span><input type="text" size="60" name="searchParameters" value="${searchParams?html}">
+ <span class="label">${uiLabelMap.ProductHtmlSearchParameters}:</span><input type="text" size="60" name="searchParameters" value="${StringUtil.wrapString(searchParams)?html}">
<input type="hidden" name="clearSearch" value="N">
</form>
</div>
Locked
