Should I log this as a bug?
> I have some code like this:
>
> ctx.getMessages().add(new SimpleMessage(
> "Record ''{0}'' deleted", recordName));
>
> If recordName contains HTML characters they are output unescaped by the
> <stripes:messages> tag. This contrasts with field validation errors,
> which are correctly escaped. Shouldn't all the error handling and
> messaging stuff work the same way, and escape HTML characters?
--
Alan Burlison
--
-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
Stripes-users mailing list
Stripes-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/stripes-users
