Author: thomas.heute(a)jboss.com
Date: 2009-01-31 03:57:18 -0500 (Sat, 31 Jan 2009)
New Revision: 12743
Modified:
branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java
Log:
minor
Modified:
branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java
===================================================================
---
branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-30
23:17:10 UTC (rev 12742)
+++
branches/Enterprise_Portal_Platform_4_3/core-cms/src/main/org/jboss/portal/core/cms/ui/admin/CMSAdminPortlet.java 2009-01-31
08:57:18 UTC (rev 12743)
@@ -62,6 +62,7 @@
import org.jboss.portal.search.impl.jcr.JCRQuery;
import org.jboss.portal.search.impl.jcr.JCRQueryConverter;
import org.jboss.portal.security.PortalPermission;
+import org.jboss.portal.server.ParameterSanitizer;
import org.jboss.portal.server.request.URLContext;
import org.jboss.portal.server.request.URLFormat;
import org.jboss.portal.workflow.WorkflowException;
@@ -237,13 +238,13 @@
String sPath = rReq.getParameter("path");
if (sPath != null)
{
- sPath = ParameterValidation.sanitizeFromPattern(sPath, CHECK_FOR_XSS_PATTERN,
SLASH);
+ sPath = ParameterSanitizer.sanitizeFromPattern(sPath, CHECK_FOR_XSS_PATTERN,
SLASH);
}
String sNavPath = rReq.getParameter("navpath");
if (sNavPath != null)
{
- sNavPath = ParameterValidation.sanitizeFromPattern(sNavPath,
CHECK_FOR_XSS_PATTERN, SLASH);
+ sNavPath = ParameterSanitizer.sanitizeFromPattern(sNavPath,
CHECK_FOR_XSS_PATTERN, SLASH);
}
if (op == null)
@@ -552,7 +553,7 @@
rRes.setContentType("text/html");
rReq.setAttribute("currpath", sPath);
String language = rReq.getParameter("language");
- ParameterValidation.sanitizeFromPattern(language, CHECK_FOR_XSS_PATTERN,
"en");
+ ParameterSanitizer.sanitizeFromPattern(language, CHECK_FOR_XSS_PATTERN,
"en");
rReq.setAttribute("language", language);
javax.portlet.PortletRequestDispatcher prd =
getPortletContext().getRequestDispatcher(CMSAdminConstants.CMS_JSP_PATH +
"/editbinary.jsp");
prd.include(rReq, rRes);
@@ -625,7 +626,7 @@
else if (CMSAdminConstants.OP_EDIT.equals(op))
{
String sLanguage = rReq.getParameter("language");
- ParameterValidation.sanitizeFromPattern(sLanguage, CHECK_FOR_XSS_PATTERN,
"en");
+ ParameterSanitizer.sanitizeFromPattern(sLanguage, CHECK_FOR_XSS_PATTERN,
"en");
String sVersion = rReq.getParameter("version");
@@ -707,7 +708,7 @@
else if (CMSAdminConstants.OP_EXPORTARCHIVE_PICKUP.equals(op))
{
String sPickupFile = rReq.getParameter("filepath");
- ParameterValidation.sanitizeFromPattern(sPickupFile, CHECK_FOR_XSS_PATTERN,
SLASH);
+ ParameterSanitizer.sanitizeFromPattern(sPickupFile, CHECK_FOR_XSS_PATTERN,
SLASH);
rRes.setContentType("text/html");
PortletRequestDispatcher prd = null;
@@ -986,7 +987,7 @@
if (!item.isFormField())
{
String sFilename = item.getName();
- sFilename = ParameterValidation.sanitizeFromPattern(sFilename,
CHECK_FOR_XSS_PATTERN, "");
+ sFilename = ParameterSanitizer.sanitizeFromPattern(sFilename,
CHECK_FOR_XSS_PATTERN, "");
if (!"".equals(sFilename))
{
@@ -1050,7 +1051,7 @@
{
String fieldName = item.getFieldName();
String itemValue = item.getString(aReq.getCharacterEncoding());
- itemValue = ParameterValidation.sanitizeFromPattern(itemValue,
CHECK_FOR_XSS_PATTERN, "");
+ itemValue = ParameterSanitizer.sanitizeFromPattern(itemValue,
CHECK_FOR_XSS_PATTERN, "");
if ("destination".equals(fieldName))
{
sPath = itemValue;