Skip to content

Commit

Permalink
LPS-147613 Fix XSS vulnerability
Browse files Browse the repository at this point in the history
  • Loading branch information
markocikos authored and brianchandotcom committed Mar 14, 2022
1 parent 0e9d852 commit a0d25a7
Showing 1 changed file with 7 additions and 7 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@

import com.liferay.frontend.taglib.clay.internal.servlet.taglib.BaseContainerTag;
import com.liferay.portal.kernel.language.LanguageUtil;
import com.liferay.portal.kernel.util.HtmlUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.taglib.util.TagResourceBundleUtil;

Expand Down Expand Up @@ -124,16 +125,15 @@ protected int processStartTag() throws Exception {

jspWriter.write("<span class=\"label-item label-item-expand\">");

String labelValue = _label;

if (_translated) {
jspWriter.write(
LanguageUtil.get(
TagResourceBundleUtil.getResourceBundle(pageContext),
_label));
}
else {
jspWriter.write(_label);
labelValue = LanguageUtil.get(
TagResourceBundleUtil.getResourceBundle(pageContext),
_label);
}

jspWriter.write(HtmlUtil.escape(labelValue));
jspWriter.write("</span>");

if (_dismissible) {
Expand Down

0 comments on commit a0d25a7

Please sign in to comment.