Mercurial > dive4elements > gnv-client
diff gnv/src/main/java/de/intevation/gnv/action/ArtifactDatabaseActionBase.java @ 705:f550bd27a3f1
Html characters in strings inserted by the user are quoted (issue221).
gnv/trunk@969 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author | Ingo Weinzierl <ingo.weinzierl@intevation.de> |
---|---|
date | Thu, 22 Apr 2010 12:58:44 +0000 |
parents | 89ade245ca7a |
children | 0441e78cd900 |
line wrap: on
line diff
--- a/gnv/src/main/java/de/intevation/gnv/action/ArtifactDatabaseActionBase.java Mon Apr 19 15:36:11 2010 +0000 +++ b/gnv/src/main/java/de/intevation/gnv/action/ArtifactDatabaseActionBase.java Thu Apr 22 12:58:44 2010 +0000 @@ -49,5 +49,30 @@ ActionForward lForward = mapping.findForward(EXCEPTION_FORWARD_ID); return lForward; } + + + protected String encode(String s) { + log.debug("String to encode: " + s); + s = s.replaceAll("<", "<"); + s = s.replaceAll(">", ">"); + s = s.replaceAll("\"", """); + s = s.replaceAll("&", "&"); + + log.debug("Encoded string: " + s); + return s; + } + + + protected String[] encode(String[] s) { + if (s == null) + return null; + + String[] good = new String[s.length]; + for (int i = 0; i < good.length; i++) { + good[i] = encode(s[i]); + } + + return good; + } } // vim:set ts=4 sw=4 si et sta sts=4 fenc=utf8 :