[jboss-cvs] JBossAS SVN: r95615 - branches/JBPAPP_4_2_0_GA_CP/varia/src/resources/jmx/html.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Oct 27 11:41:41 EDT 2009
Author: bshim
Date: 2009-10-27 11:41:41 -0400 (Tue, 27 Oct 2009)
New Revision: 95615
Modified:
branches/JBPAPP_4_2_0_GA_CP/varia/src/resources/jmx/html/displayMBeans.jsp
Log:
JBPAPP-1983 sanitized user input by escaping special characters
Modified: branches/JBPAPP_4_2_0_GA_CP/varia/src/resources/jmx/html/displayMBeans.jsp
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/varia/src/resources/jmx/html/displayMBeans.jsp 2009-10-27 15:29:25 UTC (rev 95614)
+++ branches/JBPAPP_4_2_0_GA_CP/varia/src/resources/jmx/html/displayMBeans.jsp 2009-10-27 15:41:41 UTC (rev 95615)
@@ -46,7 +46,7 @@
<hr>
<form action="HtmlAdaptor?action=displayMBeans" method="post" name="applyFilter" id="applyFilter">
ObjectName Filter (e.g. "jboss:*", "*:service=invoker,*"):
-<input type="text" name="filter" size="40" value="<%= request.getAttribute("filter")%>">
+<input type="text" name="filter" size="40" value="<%= translateMetaCharacters(request.getAttribute("filter"))%>">
<%
if(request.getAttribute("filterError") != null) {
out.println("<span class='error'>" + request.getAttribute("filterError") + "</span>");
More information about the jboss-cvs-commits
mailing list