Mercurial > dive4elements > gnv-client

diff gnv/ChangeLog @ 705:f550bd27a3f1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Html characters in strings inserted by the user are quoted (issue221). gnv/trunk@969 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author Ingo Weinzierl <ingo.weinzierl@intevation.de>
date Thu, 22 Apr 2010 12:58:44 +0000
parents ae946acba005
children 2659a5b1fa1e
line wrap: on
line diff
--- a/gnv/ChangeLog	Mon Apr 19 15:36:11 2010 +0000
+++ b/gnv/ChangeLog	Thu Apr 22 12:58:44 2010 +0000
@@ -1,3 +1,14 @@
+2010-04-22  Ingo Weinzierl <ingo.weinzierl@intevation.de>
+
+	  Issue221
+
+	* src/main/java/de/intevation/gnv/action/ArtifactDatabaseActionBase.java:
+	  Added methods to quote html characters in strings.
+
+	* src/main/java/de/intevation/gnv/action/WMSAction.java: Call methods to
+	  quote html characters in strings inserted by the user. Used to be safe 
+	  from html injections.
+
 2010-04-19  Hans Plum <hans@intevation.de>
 
 	Issue 241: Set Path to Tomcat Standard Logging
http://dive4elements.wald.intevation.org