2006/unicorn/src/org/w3c/unicorn UnicornCall.java,1.1.2.8,1.1.2.9

Update of /sources/public/2006/unicorn/src/org/w3c/unicorn
In directory hutz:/tmp/cvs-serv1045/src/org/w3c/unicorn

Modified Files:
      Tag: dev2
	UnicornCall.java 
Log Message:
now escapes xml characters before adding exception message to the velocity context

Index: UnicornCall.java
===================================================================
RCS file: /sources/public/2006/unicorn/src/org/w3c/unicorn/Attic/UnicornCall.java,v
retrieving revision 1.1.2.8
retrieving revision 1.1.2.9
diff -u -d -r1.1.2.8 -r1.1.2.9
--- UnicornCall.java	26 Aug 2009 17:14:02 -0000	1.1.2.8
+++ UnicornCall.java	26 Aug 2009 18:16:38 -0000	1.1.2.9
@@ -23,6 +23,7 @@
 import javax.xml.xpath.XPathExpression;
 import javax.xml.xpath.XPathFactory;
 import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.log4j.Logger;
@@ -874,7 +875,7 @@
 
 				VelocityContext context = new VelocityContext(Framework.getLanguageContexts().get(lang));
 				if (e.getMessage() != null)	
-					context.put("exception", e.getMessage());
+					context.put("exception", StringEscapeUtils.escapeXml(e.getMessage()));
 				else
 					context.put("exception", "");
 

Received on Wednesday, 26 August 2009 18:16:49 UTC