- Security upgrades for xss prevention
vskiadas90 committed Jun 27, 2022
1 parent 772f974 commit a120c21
Showing 3 changed files with 11 additions and 2 deletions.
6 changes: 6 additions & 0 deletions pom.xml
@@ -943,6 +943,12 @@
<scope>test</scope>
</dependency>

<dependency>
<groupId>com.samaxes.stripes</groupId>
<artifactId>stripesafe</artifactId>
<version>1.0.1</version>
</dependency>

<!-- PropertyPlaceholderConfigurer -->
<dependency>
<groupId>eionet</groupId>
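Review bot: The new `com.samaxes.stripes:stripesafe` 1.0.1 dependency does not appear to be used by anything else visible in this commit: both Java changes call `org.apache.commons.lang.StringEscapeUtils`, and no configuration file is among the changed files shown. If the library has to be registered with the Stripes filter before it does anything (not shown here, so to be confirmed), the dependency alone enlarges the build without adding protection. Either wire it up in the same change or leave it out, and give the block a comment in the style of the neighbouring `<!-- PropertyPlaceholderConfigurer -->`, for example `<!-- XSS filtering for Stripes action beans -->`.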
4 changes: 3 additions & 1 deletion src/main/java/eionet/cr/web/action/TagSearchActionBean.java
@@ -42,6 +42,7 @@
import eionet.cr.web.util.ApplicationCache;
import eionet.cr.web.util.columns.SearchResultColumn;
import eionet.cr.web.util.columns.SubjectPredicateColumn;
import org.apache.commons.lang.StringEscapeUtils;

/**
*
@@ -190,7 +191,8 @@ public String getSearchTag() {
}

public void setSearchTag(String searchTag) {
this.searchTag = searchTag;

this.searchTag = StringEscapeUtils.escapeHtml(searchTag);
}

public List<String> getSelectedTags() {
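Review bot: `setSearchTag` now stores the HTML-escaped text as the bean's state, so every consumer of `searchTag` sees entity forms such as `&amp;` or `&lt;` instead of what the user typed. That presumably includes the tag lookup itself, which is outside this hunk, and the same applies to `setUri` in the later hunk. Escaping on input also risks double encoding if the view already escapes on output or the getter's value is posted back. In addition, `escapeHtml` from commons-lang 2.x leaves the apostrophe untouched, so it does not cover single-quoted attribute or script contexts. I would keep `this.searchTag = searchTag;` and encode at the point of rendering for the context in question, e.g. `<c:out value="${actionBean.searchTag}"/>` in the JSP; the blank line added before the assignment can go as well.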
@@ -425,7 +425,8 @@ public String getUri() {
* the resourceUri to set
*/
public void setUri(final String resourceUri) {
this.uri = resourceUri;

this.uri = StringEscapeUtils.escapeHtml(resourceUri);;
}

/**
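Review bot: HTML-escaping inside `setUri` changes the identifier itself: a URI with a query string such as `?a=1&b=2` (constructed example) is stored with `&amp;`, so any lookup, link or redirect built from `getUri()` would use a different URI; the callers are outside this hunk. The escaping also does nothing about the URI scheme, which is what matters if the value is rendered into an `href`, so an allow-list check on the scheme at output would be the relevant control there. I would restore `this.uri = resourceUri;`, encode where the value is written into the page, and in any case drop the stray second semicolon in `escapeHtml(resourceUri);;`. The file header for this section is missing from the page, so the enclosing class is not visible.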
