authorGravatar Vitaly Takmazov2019-01-22 20:36:11 +0300
committerGravatar Vitaly Takmazov2019-01-22 20:36:11 +0300
commit7424474bb1c5e72a684544bb17498578e12f084e (patch)
treed769b75cb38af339fdf6c2bf5be461b9ba04de10 /src/main/java/com/juick/util
parent41b6764be12c2b21f0de55b8a80091e279577ab5 (diff)
Fix HTML escaping
Diffstat (limited to 'src/main/java/com/juick/util')
-rw-r--r--src/main/java/com/juick/util/MessageUtils.java3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/main/java/com/juick/util/MessageUtils.java b/src/main/java/com/juick/util/MessageUtils.java
index 5669a454..84c29807 100644
--- a/src/main/java/com/juick/util/MessageUtils.java
+++ b/src/main/java/com/juick/util/MessageUtils.java
@@ -144,6 +144,9 @@ public class MessageUtils {
}
public static String formatMessage(String msg) {
+ msg = msg.replaceAll("&", "&");
+ msg = msg.replaceAll("<", "&lt;");
+ msg = msg.replaceAll(">", "&gt;");
// --
// &mdash;
msg = msg.replaceAll("((?<=\\s)|(?<=\\A))\\-\\-?((?=\\s)|(?=\\Z))", "$1&mdash;$2");
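Review bot: The three replacements added at the top of formatMessage escape only `&`, `<` and `>`, so a `"` or `'` in msg passes through unchanged; if later steps of the function (its body continues outside this hunk) place matched text inside an attribute value such as an href, a quote can still terminate that attribute. Consider adding `msg = msg.replace("\"", "&quot;").replace("'", "&#39;");` after the `>` line, once you have confirmed that no later pattern relies on raw quotes. As this page renders it, the first added line replaces `&` with `&`, which would be a no-op; presumably the real replacement is the ampersand entity and the page decoded it, but confirm that in the file, since that line must run before the other two. All three search arguments are literals, so `String.replace` would say the same thing without regex parsing.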