Project: Acegi

Revision: 3264

Author: luke_t

Date: 26 Aug 2008 12:21:29

• /spring-security/trunk/taglibs/src/main/java/org/springframework/security/taglibs/authz/AuthenticationTag.java

  ......	@@ -19,6 +19,7 @@
  19	19
  20	20	import org.springframework.security.context.SecurityContext;
  21	21	import org.springframework.security.context.SecurityContextHolder;
  	22	import org.springframework.security.util.TextUtils;
  22	23
  23	24	import org.springframework.beans.BeanWrapperImpl;
  24	25	import org.springframework.beans.BeansException;
  ......	@@ -94,7 +95,7 @@
  94	95	if (auth.getPrincipal() == null) {
  95	96	return Tag.EVAL_PAGE;
  96	97	}
  97
  	98
  98	99	try {
  99	100	BeanWrapperImpl wrapper = new BeanWrapperImpl(auth);
  100	101	result = wrapper.getPropertyValue(property);
  ......	@@ -120,7 +121,7 @@
  120	121	}
  121	122	}
  122	123	} else {
  123		writeMessage(String.valueOf(result));
  	124	writeMessage(TextUtils.escapeEntities(String.valueOf(result)));
  124	125	}
  125	126	return EVAL_PAGE;
  126	127	}

• /spring-security/trunk/core/src/main/java/org/springframework/security/util/TextUtils.java

  ......	@@ -2,18 +2,22 @@
  2	2
  3	3	/**
  4	4	* Utilities for working with Strings and text.
  5		*
  	5	*
  6	6	* @author Luke Taylor
  7	7	* @version $Id$
  8	8	*/
  9	9	public abstract class TextUtils {
  10	10
  11	11	public static String escapeEntities(String s) {
  	12	if (s == null || s.length() == 0) {
  	13	return s;
  	14	}
  	15
  12	16	StringBuffer sb = new StringBuffer();
  13
  	17
  14	18	for (int i=0; i < s.length(); i++) {
  15	19	char c = s.charAt(i);
  16
  	20
  17	21	if(c == '<') {
  18	22	sb.append("&lt;");
  19	23	} else if (c == '>') {
  ......	@@ -26,8 +30,8 @@
  26	30	sb.append(c);
  27	31	}
  28	32	}
  29
  	33
  30	34	return sb.toString();
  31	35	}
  32
  	36
  33	37	}