From 481dfce2d540225ec57db0ce6f1cc0d51eb4e9d5 Mon Sep 17 00:00:00 2001 From: "Christian P. MOMON" Date: Thu, 26 Nov 2020 06:46:57 +0100 Subject: [PATCH] Fixed escape of software name. --- src/fr/devinsy/statoolinfos/htmlize/BreadcrumbTrail.java | 3 ++- src/fr/devinsy/statoolinfos/htmlize/ServicePage.java | 6 +++--- src/fr/devinsy/statoolinfos/htmlize/SoftwarePage.java | 4 ++-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/src/fr/devinsy/statoolinfos/htmlize/BreadcrumbTrail.java b/src/fr/devinsy/statoolinfos/htmlize/BreadcrumbTrail.java index 350a687..7646208 100644 --- a/src/fr/devinsy/statoolinfos/htmlize/BreadcrumbTrail.java +++ b/src/fr/devinsy/statoolinfos/htmlize/BreadcrumbTrail.java @@ -21,6 +21,7 @@ package fr.devinsy.statoolinfos.htmlize; import java.util.ArrayList; import fr.devinsy.strings.StringList; +import fr.devinsy.xidyn.utils.XidynUtils; /** * The Class BreadcrumbTrail. @@ -87,7 +88,7 @@ public class BreadcrumbTrail extends ArrayList for (Breadcrumb crumb : this) { - buffer.append(String.format("%s", crumb.getLink(), crumb.getLabel())); + buffer.append(String.format("%s", crumb.getLink(), XidynUtils.escapeXmlBlank(crumb.getLabel()))); buffer.append(" > "); } if (buffer.size() > 2) diff --git a/src/fr/devinsy/statoolinfos/htmlize/ServicePage.java b/src/fr/devinsy/statoolinfos/htmlize/ServicePage.java index 00563fe..af422a2 100644 --- a/src/fr/devinsy/statoolinfos/htmlize/ServicePage.java +++ b/src/fr/devinsy/statoolinfos/htmlize/ServicePage.java @@ -117,7 +117,7 @@ public class ServicePage data.setEscapedContent("serviceURL", service.getWebsite()); data.setEscapedAttribute("serviceURL", "href", service.getWebsite()); - data.setContent("serviceDescription", StringUtils.defaultIfBlank(service.getDescription(), "n/a")); + data.setEscapedContent("serviceDescription", StringUtils.defaultIfBlank(service.getDescription(), "n/a")); data.setContent("serviceStartDate", StringUtils.defaultIfBlank(service.getStartDate(), "n/a")); data.setContent("serviceEndDate", StringUtils.defaultIfBlank(service.getEndDate(), "n/a")); @@ -183,9 +183,9 @@ public class ServicePage } // - data.setContent("softwareName", StringUtils.defaultIfBlank(service.getSoftwareName(), "n/a")); + data.setEscapedContent("softwareName", StringUtils.defaultIfBlank(service.getSoftwareName(), "n/a")); data.setContent("softwareVersion", StringUtils.defaultIfBlank(service.getSoftwareVersion(), "n/a")); - data.setContent("softwareLicenseName", StringUtils.defaultIfBlank(service.getSoftwareLicenseName(), "n/a")); + data.setEscapedContent("softwareLicenseName", StringUtils.defaultIfBlank(service.getSoftwareLicenseName(), "n/a")); if (StringUtils.isNotBlank(service.getSoftwareWebsite())) { data.setEscapedAttribute("softwareWebsiteLink", "href", service.getSoftwareWebsite()); diff --git a/src/fr/devinsy/statoolinfos/htmlize/SoftwarePage.java b/src/fr/devinsy/statoolinfos/htmlize/SoftwarePage.java index 5a6109b..920773d 100644 --- a/src/fr/devinsy/statoolinfos/htmlize/SoftwarePage.java +++ b/src/fr/devinsy/statoolinfos/htmlize/SoftwarePage.java @@ -85,8 +85,8 @@ public class SoftwarePage TagDataManager data = new TagDataManager(); - data.setContent("softwareName", software.getName()); - data.setContent("softwareDesciprtion", software.getDescription()); + data.setEscapedContent("softwareName", software.getName()); + data.setEscapedContent("softwareDescription", software.getDescription()); data.setContent("serviceCount", services.size()); data.setContent("serviceListView", ServiceListView.build(services));