Skip to content
Permalink
Browse files Browse the repository at this point in the history
BZ-1049109: escaping task name html inputs
  • Loading branch information
salaboy committed Jan 8, 2014
1 parent fc9005f commit 4818204
Showing 1 changed file with 2 additions and 1 deletion.
Expand Up @@ -20,6 +20,7 @@
import javax.inject.Inject;

import com.google.gwt.core.client.GWT;
import com.google.gwt.safehtml.shared.SafeHtmlUtils;
import com.google.gwt.user.client.ui.HTMLPanel;
import com.google.gwt.user.client.ui.IsWidget;
import java.util.HashMap;
Expand Down Expand Up @@ -117,7 +118,7 @@ public void onTaskSelectionEvent(@Observes TaskSelectionEvent event){
selectedTaskId = event.getTaskId();
selectedTaskName = event.getTaskName();

view.getTaskIdAndName().setText(String.valueOf(selectedTaskId) + " - "+selectedTaskName);
view.getTaskIdAndName().setText(SafeHtmlUtils.htmlEscape(String.valueOf(selectedTaskId) + " - "+selectedTaskName));

view.getContent().clear();

Expand Down

0 comments on commit 4818204

Please sign in to comment.