From 14f111c2e3f20f563dfbe17181f77bfaa9cd57ef Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Sun, 28 Aug 2016 18:38:15 +0300
Subject: Tags: should be escaped in db and unescaped in templates
---
 .../src/main/java/com/juick/www/PageTemplates.java | 27 ++++------------------
 1 file changed, 4 insertions(+), 23 deletions(-)
(limited to 'juick-www/src/main/java/com/juick/www/PageTemplates.java')
diff --git a/juick-www/src/main/java/com/juick/www/PageTemplates.java b/juick-www/src/main/java/com/juick/www/PageTemplates.java
index be9a024c..5715acd3 100644
--- a/juick-www/src/main/java/com/juick/www/PageTemplates.java
+++ b/juick-www/src/main/java/com/juick/www/PageTemplates.java
@@ -22,6 +22,7 @@ import com.juick.Tag;
 import com.juick.server.MessagesQueries;
 import com.juick.server.TagQueries;
 import com.juick.server.UserQueries;
+import org.apache.commons.lang3.StringEscapeUtils;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.util.StringUtils;
 import ru.sape.Sape;
@@ -89,7 +90,7 @@ public class PageTemplates { out.println(""); out.print("
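Review bot: The escaping contract behind the `StringEscapeUtils` import added in the `@@ -22,6 +22,7 @@` hunk is not documented in anything visible here, and the import's call site lies outside that hunk, so the output encoding cannot be checked from this view. Going by the commit subject, tag names are stored HTML-escaped and unescaped when the templates render them. If so, the unescaped value is user-controlled text again and has to be encoded for the context it is printed into (HTML body, attribute or URL) at the point of output. I would state that at the call site, e.g. `// tag names are stored HTML-escaped; after unescaping, re-encode for the output context before out.print()`. The same comment should note that every other writer to the tag storage must escape identically, since the templates now depend on it.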
"); out.println("