Improved formatting of escaped content.

git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@3387 b35dd754-fafc-0310-a699-88a17e54d16e

Improved formatting of escaped content.
git-svn-id: http://svn.igniterealtime.org/svn/repos/wildfire/trunk@3387 b35dd754-fafc-0310-a699-88a17e54d16e
527e5154 · Matt Tucker · matt · f69e261d · 527e5154 · 527e5154
Commit 527e5154 authored Feb 01, 2006 by Matt Tucker Committed by matt Feb 01, 2006
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 8 deletions

session-details.jsp src/web/session-details.jsp +6 -6

session-row.jspf src/web/session-row.jspf +3 -2

No files found.
--- a/src/web/session-details.jsp
+++ b/src/web/session-details.jsp
@@ -76,7 +76,7 @@
 <p>
 <fmt:message key="session.details.info">
-    <fmt:param value="<%= "<b>"+URLEncoder.encode(address.toString(), "UTF-8")+"</b>" %>" />
+    <fmt:param value="<%= "<b>" + StringUtils.escapeForXML(address.toString()) + "</b>" %>" />
    <fmt:param value="<%= address.getNode() == null ? "" : "<b>"+address.getNode()+"</b>" %>" />
 </fmt:message>
@@ -97,7 +97,7 @@
            <fmt:message key="session.details.session_id" />
        </td>
        <td>
-            <%= URLEncoder.encode(address.toString(), "UTF-8") %>
+            <%= StringUtils.escapeForXML(address.toString()) %>
        </td>
    </tr>
    <tr>
@@ -108,12 +108,12 @@
            <%  String n = address.getNode(); %>
            <%  if (n == null || "".equals(n)) { %>
-                <i> <fmt:message key="session.details.anonymous" /> </i> - <%= address.getResource()==null?"":URLEncoder.encode(address.getResource(), "UTF-8") %>
+                <i> <fmt:message key="session.details.anonymous" /> </i> - <%= address.getResource()==null?"":StringUtils.escapeForXML(address.getResource()) %>
            <%  } else { %>
-                <a href="user-properties.jsp?username=<%= n %>"><%= n %></a>
+                <a href="user-properties.jsp?username=<%= URLEncoder.encode(n, "UTF-8") %>"><%= n %></a>
-                - <%= address.getResource()==null?"":URLEncoder.encode(address.getResource(), "UTF-8") %>
+                - <%= address.getResource()==null?"":StringUtils.escapeForXML(address.getResource()) %>
            <%  } %>
        </td>
@@ -167,7 +167,7 @@
                Presence.Show show = currentSess.getPresence().getShow();
                String statusTxt = currentSess.getPresence().getStatus();
                if (statusTxt != null) {
-                    statusTxt = " -- " + URLEncoder.encode(statusTxt, "UTF-8");
+                    statusTxt = " -- " + StringUtils.escapeForXML(statusTxt);
                }
                else {
                    statusTxt = "";

--- a/src/web/session-row.jspf
+++ b/src/web/session-row.jspf
@@ -6,7 +6,8 @@
 <%@ page import="org.jivesoftware.wildfire.Session,
                 org.xmpp.packet.Presence,
                 java.net.URLEncoder,
-                 org.jivesoftware.util.LocaleUtils"%>
+                 org.jivesoftware.util.LocaleUtils,
+                 org.jivesoftware.util.StringUtils"%>
 <%--
  - This page is meant to be included in other pages. It assumes 2 variables:
@@ -34,7 +35,7 @@
             ><%= ((name != null && !"".equals(name)) ? name : "<i>"+LocaleUtils.getLocalizedString("session.details.anonymous")+"</i>") %></a>
    </td>
    <td width="15%" nowrap>
-        <%= URLEncoder.encode(sess.getAddress().getResource(), "UTF-8") %>
+        <%= StringUtils.escapeForXML(sess.getAddress().getResource()) %>
    </td>
    <td>
        <%  int _status = sess.getStatus();