unicorn commit: ~ escape hidden parameters in language select from Mercurial notifier on 2010-09-17 (www-validator-cvs@w3.org from September 2010)

From: Mercurial notifier <nobody@w3.org>
Date: Fri, 17 Sep 2010 21:26:28 +0000
To: Unicorn Updates <www-validator-cvs@w3.org>
Message-Id: <E1OwiRw-00015s-Iq@blinky.w3.org>

changeset:   1498:7c319a2acf1f
user:        Thomas Gambet <tgambet@w3.org>
date:        Fri Sep 17 17:21:40 2010 -0400
files:       WebContent/WEB-INF/resources/templates/includes/footer.vm
description:
~ escape hidden parameters in language select


diff -r e7fc2e0b088f -r 7c319a2acf1f WebContent/WEB-INF/resources/templates/includes/footer.vm
--- a/WebContent/WEB-INF/resources/templates/includes/footer.vm	Fri Sep 17 15:49:27 2010 -0400
+++ b/WebContent/WEB-INF/resources/templates/includes/footer.vm	Fri Sep 17 17:21:40 2010 -0400
@@ -10,7 +10,7 @@
 		<fieldset>
 #foreach( $key in $requestParameters.keySet() )
 	#if($key != 'ucn_lang' && $key != 'ucn_text' && $key != 'ucn_file')
-	<input type="hidden" name="$key" value="$requestParameters.get($key)"/>
+	<input type="hidden" name="$key" value="$esc.html($requestParameters.get($key))"/>
 	#end
 #end
 		<label for="ucn_lang">Language</label>

Received on Friday, 17 September 2010 21:26:30 UTC