Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request #404 from Yasasr1/master
Fix XSS vulnerability in registry advanced search
  • Loading branch information
inthirakumaaran committed Nov 10, 2022
2 parents 51d78f0 + 209ea49 commit 0c827cc
Showing 1 changed file with 18 additions and 2 deletions.
Expand Up @@ -290,9 +290,14 @@
rightPropertyValue = request.getParameter("rightPropertyValue");
if (leftPropertyValue == null) {
leftPropertyValue = "";
} else {
leftPropertyValue = Encode.forHtml(leftPropertyValue);
}
if (rightPropertyValue == null) {
rightPropertyValue = "";
} else {
rightPropertyValue = Encode.forHtml(rightPropertyValue);
}
authorNameNegate = request.getParameter("authorNameNegate");
Expand All @@ -308,6 +313,7 @@
if (mediaType == null) {
mediaType = "";
} else {
mediaType = Encode.forHtml(mediaType);
hasParameters = true;
}
Expand All @@ -317,8 +323,18 @@
leftOp = request.getParameter("leftOp");
rightOp = request.getParameter("rightOp");
if(rightOp == null) rightOp = "";
if(leftOp == null) leftOp = "";
if (rightOp == null) {
rightOp = "";
} else {
rightOp = Encode.forHtml(rightOp);
}
if (leftOp == null) {
leftOp = "";
} else {
leftOp = Encode.forHtml(leftOp);
}
}
%>

Expand Down

0 comments on commit 0c827cc

Please sign in to comment.