r310 - trunk/chorem-webmotion/src/main/webapp/WEB-INF/jsp - Chorem-commits

22 Feb 2013

Author: bpoussin
Date: 2013-02-22 23:08:37 +0100 (Fri, 22 Feb 2013)
New Revision: 310

Url: http://chorem.org/projects/chorem/repository/revisions/310

Log:
on escape le texte de la zone de recherche pour que ca ne
casse pas le HTML


Modified:
   trunk/chorem-webmotion/src/main/webapp/WEB-INF/jsp/decorator.jsp

Modified: trunk/chorem-webmotion/src/main/webapp/WEB-INF/jsp/decorator.jsp
===================================================================

--- trunk/chorem-webmotion/src/main/webapp/WEB-INF/jsp/decorator.jsp	2013-02-21 19:19:48 UTC (rev 309)
+++ trunk/chorem-webmotion/src/main/webapp/WEB-INF/jsp/decorator.jsp	2013-02-22 22:08:37 UTC (rev 310)
@@ -22,6 +22,7 @@
   --%>
 <%@page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
 <%@ taglib uri="/WEB-INF/wikitty.tld" prefix="w"%>
 
 <?xml version="1.0" encoding="UTF-8" ?>
@@ -201,7 +202,7 @@
                         </ul>
                         
                         <form class="navbar-search pull-left" action="<c:url value="/wikitty/search"/>">
-                            <input type="text" class="search-query" placeholder="Search" name="query" value="${param.query}"/>
+                            <input type="text" class="search-query" placeholder="Search" name="query" value="${fn:escapeXml(param.query)}"/>
                         </form>
                     </div>

    

r310 - trunk/chorem-webmotion/src/main/webapp/WEB-INF/jsp

bpoussin＠users.chorem.org

tags

participants (1)