kimee / blog
Fix #9 by escaping HTML special characters
master
photos
1 parent 65b920e
commit 6d7160d6c77df69224bcb3963918fa24e4a1647a
Kimberlee I. Model authored on 2 May 2022
Showing 2 changed files
src/main/java/kim/redbow/web/blog/Util.java (+14 -0)
src/main/webapp/manage/editpost.jsp (+1 -1)
src/main/java/kim/redbow/web/blog/Util.java
public
static
String
dateTime
(
Timestamp
tstmp
)
{
return
(
new
SimpleDateFormat
(
DATE_TIME_FMT
)).
format
(
tstmp
);
}
/**
* Escape special HTML characters.
*
* @param str input string
*/
public
static
String
escapeHTML
(
String
str
)
{
return
str
.
replaceAll
(
"&"
,
"&"
)
.
replaceAll
(
"\""
,
"""
)
.
replaceAll
(
"\'"
,
"'"
)
.
replaceAll
(
"<"
,
"<"
)
.
replaceAll
(
">"
,
">"
);
}
}
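Review bot: escapeHTML calls str.replaceAll without a null check, so any caller that passes a null field gets a NullPointerException; the JSP call site guards post.title, but a public Util helper should either return "" for null or state in the Javadoc that null is not accepted. The five search strings are literal characters, so String.replace would do the same job without compiling a regex each time and without the special meaning that $ and \ carry in a replaceAll replacement string. Handling "&" first, as done here, is the right order and worth a one-line comment so a later edit does not reorder the chain. The Javadoc has @param but no @return.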
src/main/webapp/manage/editpost.jsp
<th><label
for
=
"title"
>
Title:
</label></th>
<td>
<input type="text" name="title" id="title"
value="
<%=
edit
&&
post
.
title
!=
null
?
post
.
title
:
""
%>" />
Util
.
escapeHTML
(
post
.
title
)
:
""
%>" />
</td>
</tr>
<tr>
<th><label
for
=
"urlfragment"
>
URL Fragment:
</label></th>
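Review bot: Only the title value is passed through Util.escapeHTML in this hunk; the urlfragment input that follows in the context, and any other field on this form that echoes post data into an attribute or element body, should get the same call if it is not already escaped, otherwise the fix covers a single field. The diffstat for this file is +1 -1, so no import was added: confirm that kim.redbow.web.blog.Util is already imported by the page directive. Since the value sits in a double-quoted attribute, it is worth a test with a title containing a double quote and an ampersand to confirm the edit form round-trips the text unchanged.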