|
Author: jleroux
Revision: 1759555
Modified property: svn:log
Modified: svn:log at Thu Sep 22 16:50:39 2016
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Thu Sep 22 16:50:39 2016
@@ -5,3 +5,4 @@ An attacker can pass arbitary commands v
This fixes it using 2 redundant mechanisms (better safe than sorry):
1) linkUrl = URLEncoder.encode(linkUrl, "UTF-8");
+2) sr.append("\" linkUrl=r\"");
|