Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fix XSS flaw on example search
  • Loading branch information
shred committed Oct 28, 2018
1 parent 2bf5428 commit d345e6b
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion cilla-xample/src/main/webapp/WEB-INF/jsp/view/search.jsp
Expand Up @@ -26,6 +26,7 @@
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%@ taglib prefix="cilla" uri="http://cilla.shredzone.org/taglib/cilla" %>
<%@ taglib prefix="sz" tagdir="/WEB-INF/tags/sz" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<fmt:setBundle basename="messages"/>
<c:set var="headTitle" value="${search.title}" scope="request"/>
<c:import url="/WEB-INF/jsp/design/header.jspf"/>
Expand All @@ -41,7 +42,7 @@
<c:if test="${not empty message}">
<p>
<fmt:message key="${message}">
<fmt:param value="${details}"/>
<fmt:param value="${fn:escapeXml(details)}"/>
</fmt:message>
</p>
</c:if>
Expand Down

0 comments on commit d345e6b

Please sign in to comment.