Commits

Anonymous committed d647e75

Fixed WW-627: select.vm requires htmlEncode for name parameter. Also fixed unencoded other parameters.

git-svn-id: http://svn.opensymphony.com/svn/webwork/trunk@569573baa09-0c28-0410-bef9-dab3c582ae83

  • Participants
  • Parent commits 3330e17

Comments (0)

Files changed (1)

src/java/template/simple/select.vm

-<select name="$!parameters.name"
-    #if ($parameters.size)             size="$parameters.size"                              #end
-    #if ($parameters.disabled)         disabled="disabled"                                  #end
-    #if ($parameters.tabindex)         tabindex="$parameters.tabindex"                      #end
-    #if ($parameters.onchange)         onchange="$parameters.onchange"                      #end
-    #if ($parameters.onclick)          onclick="$parameters.onclick"                        #end
-    #if ($parameters.id)               id="$parameters.id"                                  #end
-    #if ($parameters.multiple)         multiple="multiple"                                  #end
-    #if ($parameters.cssClass)         class="$!webwork.htmlEncode($parameters.cssClass)"   #end
-    #if ($parameters.cssStyle)         style="$!webwork.htmlEncode($parameters.cssStyle)"   #end
+<select name="$!webwork.htmlEncode($parameters.name)"
+    #if ($parameters.size)             size="$!webwork.htmlEncode($parameters.size)"         #end
+    #if ($parameters.disabled)         disabled="disabled"                                   #end
+    #if ($parameters.tabindex)         tabindex="$!webwork.htmlEncode($parameters.tabindex)" #end
+    #if ($parameters.onchange)         onchange="$!webwork.htmlEncode($parameters.onchange)" #end
+    #if ($parameters.onclick)          onclick="$!webwork.htmlEncode($parameters.onclick)"   #end
+    #if ($parameters.id)               id="$!webwork.htmlEncode($parameters.id)"             #end
+    #if ($parameters.multiple)         multiple="multiple"                                   #end
+    #if ($parameters.cssClass)         class="$!webwork.htmlEncode($parameters.cssClass)"    #end
+    #if ($parameters.cssStyle)         style="$!webwork.htmlEncode($parameters.cssStyle)"    #end
 >
 
 #if ($parameters.headerKey && $parameters.headerValue)