wicket pull request: WICKET-4219: Enable markup escaping of WizardStep's la...

Git at Apache Tue, 15 May 2012 00:16:49 -0700

GitHub user tgoetz opened a pull request:

    https://github.com/apache/wicket/pull/9


    WICKET-4219: Enable markup escaping of WizardStep's labels by default due 
to security aspects

    WizardStep's Header Labels now inherit the escape settings from Header, 
thus escaping can now be configured by overriding getHeader in WizardStep:
    
    @Override
    public Component getHeader(String id, Component parent, IWizard wizard) {
        return super.getHeader(id, parent, 
wizard).setEscapeModelStrings(true|false);
    }
    
    Thus the default is that the Strings will be escaped.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/tgoetz/wicket master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/wicket/pull/9.patch

----
commit a8b3f97bd019e601f664a3697f12994bad1cb862
Author: Thomas GoÌtz <[email protected]>
Date:   2012-05-15T00:13:53-07:00

    WICKET-4219: Enable markup escaping of WizardStep's labels by default due 
to security aspects
    
    WizardStep's Header Labels now inherit the escape settings from Header, 
thus escaping can now be configured by overriding getHeader in WizardStep:
    
    @Override
    public Component getHeader(String id, Component parent, IWizard wizard) {
        return super.getHeader(id, parent, 
wizard).setEscapeModelStrings(true|false);
    }
    
    Thus the default is that the Strings will be escaped.

----

wicket pull request: WICKET-4219: Enable markup escaping of WizardStep's la...

Reply via email to