
Fix XSS flaw on example search

shred committed Oct 28, 2018
1 parent 2bf5428 commit d345e6bc7798bd717a583ec7f545ca387819d5c7
Showing with 2 additions and 1 deletion.
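--- a/cilla-xample/src/main/webapp/WEB-INF/jsp/view/search.jsp
+++ b/cilla-xample/src/main/webapp/WEB-INF/jsp/view/search.jsp
@@ -26,6 +26,7 @@
 <%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
 <%@ taglib prefix="cilla" uri="http://cilla.shredzone.org/taglib/cilla" %>
 <%@ taglib prefix="sz" tagdir="/WEB-INF/tags/sz" %>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
 <fmt:setBundle basename="messages"/>
 <c:set var="headTitle" value="${search.title}" scope="request"/>
 <c:import url="/WEB-INF/jsp/design/header.jspf"/>
@@ -41,7 +42,7 @@
 <c:if test="${not empty message}">
 <p>
 <fmt:message key="${message}">
-<fmt:param value="${details}"/>
+<fmt:param value="${fn:escapeXml(details)}"/>
 </fmt:message>
 </p>
 </c:if>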
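Review bot: The `key="${message}"` attribute on `<fmt:message>` in the second hunk is still an unescaped output path, because JSTL prints `???key???` verbatim when the bundle has no such key; only the `details` parameter is escaped. This is harmless if the controller only ever stores fixed bundle keys in `message`, which is not visible here and worth confirming. Likewise, `${search.title}` in the first hunk is handed to `header.jspf` as `headTitle`, and whether that fragment escapes it on output lies outside this diff. Since `<fmt:message>` never escapes its parameters, a short comment above the changed line would help the next editor keep the escape, for example `<%-- fmt:message does not HTML-escape params; details may contain request-derived text --%>`.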
