Changeset 28912 for main/trunk/greenstone2/runtime-src/src/recpt/browsetoolsclass.cpp

Timestamp:

2014-03-18T16:45:46+13:00 (10 years ago)

Author:

ak19

Message:

Commit 5 for security. Handles setmacro() occurrences in non action.cpp files. cl is safe from hacks now.

File:

• main/trunk/greenstone2/runtime-src/src/recpt/browsetoolsclass.cpp (modified) (2 diffs)

main/trunk/greenstone2/runtime-src/src/recpt/browsetoolsclass.cpp

@@ -31 +31 @@
 #include "OIDtools.h"
 #include "gsdlunicode.h"
+#include "securitytools.h"
 
 #if defined(GSDL_USE_IOS_H)
@@ -831 +832 @@
   if (formatinfo.DocumentContents || args["d"].empty()) {
     if (args["d"].empty()) {
-      disp.setmacro("tocopenextra", "document", "id=\"" + cl_top + "\"");
+      disp.setmacro("tocopenextra", "document", "id=\"" + encodeForHTMLAttr(cl_top) + "\"");
     } else {
       disp.setmacro("tocopenextra", "document", "");