Merge pull request #1050 from fj/patch-1

Remove potential XSS vulnerability in Freemarker documentation
2016-05-30 09:44:18 +02:00 · 2016-05-30 09:44:18 +02:00 · 250d82768f
parent 6efa058917 2367f52aaf
commit 250d82768f
1 changed files with 1 additions and 1 deletions
--- a/src/asciidoc/web-view.adoc
+++ b/src/asciidoc/web-view.adoc
@ -331,7 +331,7 @@ Example code is shown below for the `personFormV`/`personFormF` views configured
 			<@spring.bind "myModelObject.name"/>
 			<input type="text"
 				name="${spring.status.expression}"
-				value="${spring.status.value?default("")}"/><br>
+				value="${spring.status.value?html}"/><br>
 			<#list spring.status.errorMessages as error> <b>${error}</b> <br> </#list>
 			<br>
 			...