Author: lektran
Date: Mon Mar 8 16:11:04 2010
New Revision: 920381
URL:
http://svn.apache.org/viewvc?rev=920381&view=revLog:
Merged from trunk r920371
Properly encode any error messages before attempting to write them to the response. I'm doing it here to avoid having to do the encoding within each app's error.jsp file; I think this should be fine though.
Modified:
ofbiz/branches/release09.04/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
Modified: ofbiz/branches/release09.04/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/release09.04/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java?rev=920381&r1=920380&r2=920381&view=diff==============================================================================
--- ofbiz/branches/release09.04/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java (original)
+++ ofbiz/branches/release09.04/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java Mon Mar 8 16:11:04 2010
@@ -32,6 +32,7 @@
import org.apache.bsf.BSFManager;
import org.ofbiz.base.util.Debug;
+import org.ofbiz.base.util.StringUtil;
import org.ofbiz.base.util.UtilHttp;
import org.ofbiz.base.util.UtilJ2eeCompat;
import org.ofbiz.base.util.UtilTimer;
@@ -202,11 +203,13 @@
} catch (RequestHandlerException e) {
Throwable throwable = e.getNested() != null ? e.getNested() : e;
Debug.logError(throwable, "Error in request handler: ", module);
- request.setAttribute("_ERROR_MESSAGE_", throwable.toString());
+ StringUtil.HtmlEncoder encoder = new StringUtil.HtmlEncoder();
+ request.setAttribute("_ERROR_MESSAGE_", encoder.encode(throwable.toString()));
errorPage = requestHandler.getDefaultErrorPage(request);
} catch (Exception e) {
Debug.logError(e, "Error in request handler: ", module);
- request.setAttribute("_ERROR_MESSAGE_", e.toString());
+ StringUtil.HtmlEncoder encoder = new StringUtil.HtmlEncoder();
+ request.setAttribute("_ERROR_MESSAGE_", encoder.encode(e.toString()));
errorPage = requestHandler.getDefaultErrorPage(request);
}
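Review bot: Both catch blocks HTML-encode `_ERROR_MESSAGE_` when it is stored rather than when it is rendered, so the value is only safe on error pages that print it into HTML body text. A page that places it in an attribute or script context would need a different encoding, and a page that already encodes it will now double-encode. I would record that contract at the first `setAttribute` call with `// HTML-encoded here for body-text output; error pages must print it as-is and must not encode it again`. Separately, `throwable.toString()` and `e.toString()` still send the exception class and message to the client; since `Debug.logError` already records the detail, a generic user-facing message may be preferable. The enclosing try block starts outside this hunk, so any other code that sets `_ERROR_MESSAGE_` is not visible here and should be checked for the same encoding.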