[jboss-cvs] jboss-seam ...

[Christian Bauer]

  User: cbauer  
  Date: 07/12/19 08:42:04

  Modified:    jboss-seam  seam-text.g
  Log:
  JBSEAM-2204, Potential XSS issue in seam text with object and embed elements
  
  Revision  Changes    Path
  1.43      +2 -2      jboss-seam/seam-text.g
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: seam-text.g
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/seam-text.g,v
  retrieving revision 1.42
  retrieving revision 1.43
  diff -u -b -r1.42 -r1.43
  --- seam-text.g	19 Dec 2007 05:15:34 -0000	1.42
  +++ seam-text.g	19 Dec 2007 13:42:04 -0000	1.43
  @@ -10,8 +10,8 @@
   	defaultErrorHandler=false;
   }
   {   
  -	private java.util.Set htmlElements = new java.util.HashSet( java.util.Arrays.asList( new String[] { "a", "p", "q", "blockquote", "code", "pre", "table", "tr", "td", "th", "ul", "ol", "li", "b", "i", "u", "tt", "del", "em", "hr", "br", "div", "span", "h1", "h2", "h3", "h4", "img" , "object", "param", "embed"} ) );
  -	private java.util.Set htmlAttributes = new java.util.HashSet( java.util.Arrays.asList( new String[] { "src", "href", "lang", "class", "id", "style", "width", "height", "name", "value", "type", "wmode" } ) );
  +	private java.util.Set htmlElements = new java.util.HashSet( java.util.Arrays.asList( new String[] { "a", "p", "q", "blockquote", "code", "pre", "table", "tr", "td", "th", "ul", "ol", "li", "b", "i", "u", "tt", "del", "em", "hr", "br", "div", "span", "h1", "h2", "h3", "h4", "img"} ) );
  +	private java.util.Set htmlAttributes = new java.util.HashSet( java.util.Arrays.asList( new String[] { "src", "href", "lang", "class", "id", "style", "width", "height", "name", "value", "type" } ) );
   
   	 public class SeamTextMacro {
   	   public String name;