Skip to content

Commit b7815e7

Browse files
tandraschkotandraschko
authored
Merge pull request primefaces#3419 from cnsgithub/fixes-3418-dock-xss
fixes primefaces#3418 - dock XSS
2 parents a7dba05 + 7c0d221 commit b7815e7

File tree

1 file changed

+6
-1
lines changed

1 file changed

+6
-1
lines changed

src/main/java/org/primefaces/component/dock/DockRenderer.java

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,12 @@ protected void encodeItemLabel(FacesContext context, MenuItem menuitem) throws I
108108
writer.startElement("span", null);
109109

110110
if (menuitem.getValue() != null) {
111-
writer.write((String) menuitem.getValue());
111+
if (menuitem.isEscape()) {
112+
writer.writeText((String) menuitem.getValue(), "value");
113+
}
114+
else {
115+
writer.write((String) menuitem.getValue());
116+
}
112117
}
113118

114119
writer.endElement("span");

0 commit comments

Comments
 (0)