Skip to content

Commit

Permalink
WW-2414 - followup on earlier commit -- recursively replace <<<<<scri…
Browse files Browse the repository at this point in the history
…pt>>>>> until completely sanitized

git-svn-id: https://svn.apache.org/repos/asf/struts/struts2/trunk@615103 13f79535-47bb-0310-9956-ffa450edef68
  • Loading branch information
James Mitchell committed Jan 25, 2008
1 parent 26122c6 commit bd3f2f5
Showing 1 changed file with 2 additions and 3 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -176,10 +176,9 @@ else if ((scheme != null) && !scheme.equals(request.getScheme())) {

String result = link.toString();

if (result.indexOf("<script>") >= 0){
while (result.indexOf("<script>") > 0){
result = result.replaceAll("<script>", "script");
}

}
try {
result = encodeResult ? response.encodeURL(result) : result;
} catch (Exception ex) {
Expand Down

0 comments on commit bd3f2f5

Please sign in to comment.