Anonymous avatar Anonymous committed d647e75

Fixed WW-627: select.vm requires htmlEncode for name parameter. Also fixed unencoded other parameters.

git-svn-id: http://svn.opensymphony.com/svn/webwork/trunk@569 573baa09-0c28-0410-bef9-dab3c582ae83

Comments (0)

Files changed (1)

src/java/template/simple/select.vm

-<select name="$!parameters.name"
-    #if ($parameters.size)             size="$parameters.size"                              #end
-    #if ($parameters.disabled)         disabled="disabled"                                  #end
-    #if ($parameters.tabindex)         tabindex="$parameters.tabindex"                      #end
-    #if ($parameters.onchange)         onchange="$parameters.onchange"                      #end
-    #if ($parameters.onclick)          onclick="$parameters.onclick"                        #end
-    #if ($parameters.id)               id="$parameters.id"                                  #end
-    #if ($parameters.multiple)         multiple="multiple"                                  #end
-    #if ($parameters.cssClass)         class="$!webwork.htmlEncode($parameters.cssClass)"   #end
-    #if ($parameters.cssStyle)         style="$!webwork.htmlEncode($parameters.cssStyle)"   #end
+<select name="$!webwork.htmlEncode($parameters.name)"
+    #if ($parameters.size)             size="$!webwork.htmlEncode($parameters.size)"         #end
+    #if ($parameters.disabled)         disabled="disabled"                                   #end
+    #if ($parameters.tabindex)         tabindex="$!webwork.htmlEncode($parameters.tabindex)" #end
+    #if ($parameters.onchange)         onchange="$!webwork.htmlEncode($parameters.onchange)" #end
+    #if ($parameters.onclick)          onclick="$!webwork.htmlEncode($parameters.onclick)"   #end
+    #if ($parameters.id)               id="$!webwork.htmlEncode($parameters.id)"             #end
+    #if ($parameters.multiple)         multiple="multiple"                                   #end
+    #if ($parameters.cssClass)         class="$!webwork.htmlEncode($parameters.cssClass)"    #end
+    #if ($parameters.cssStyle)         style="$!webwork.htmlEncode($parameters.cssStyle)"    #end
 >
 
 #if ($parameters.headerKey && $parameters.headerValue)
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.