This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
commit 3eea7d967d4036a22763a865e9b26aecd8c61ca7
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Sun Feb 27 22:07:18 2022 +0100
Fixed: Stored XSS in webappPath parameter from content/control/EditWebSite
(OFBIZ-12584)
Fixes compiles issues put in with last commit
---
.../src/main/java/org/apache/ofbiz/content/data/DataEvents.java | 4 ++--
.../main/java/org/apache/ofbiz/service/engine/EntityAutoEngine.java | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git
a/applications/content/src/main/java/org/apache/ofbiz/content/data/DataEvents.java
b/applications/content/src/main/java/org/apache/ofbiz/content/data/DataEvents.java
index 1c233ca..db9d561 100644
---
a/applications/content/src/main/java/org/apache/ofbiz/content/data/DataEvents.java
+++
b/applications/content/src/main/java/org/apache/ofbiz/content/data/DataEvents.java
@@ -89,11 +89,11 @@ public class DataEvents {
// It simply returns a blank screen.
try {
if (!SecuredUpload.isValidText(contentId,
Collections.emptyList())) {
- Debug.logError("================== Not saved for security
reason ==================", MODULE);
+ Debug.logError("================== Not saved for security
reason ==================", module);
return "success";
}
} catch (IOException e) {
- Debug.logError("================== Not saved for security reason
==================", MODULE);
+ Debug.logError("================== Not saved for security reason
==================", module);
return "success";
}
diff --git
a/framework/service/src/main/java/org/apache/ofbiz/service/engine/EntityAutoEngine.java
b/framework/service/src/main/java/org/apache/ofbiz/service/engine/EntityAutoEngine.java
index cff8d9e..c1fc9b1 100644
---
a/framework/service/src/main/java/org/apache/ofbiz/service/engine/EntityAutoEngine.java
+++
b/framework/service/src/main/java/org/apache/ofbiz/service/engine/EntityAutoEngine.java
@@ -76,7 +76,7 @@ public final class EntityAutoEngine extends
GenericAsyncEngine {
if (!isValidText(parameters)) {
return ServiceUtil.returnError("Not saved for security reason!");
}
- DispatchContext dctx = getDispatcher().getLocalContext(localName);
+ DispatchContext dctx = dispatcher.getLocalContext(localName);
Locale locale = (Locale) parameters.get("locale");
Map<String, Object> result = ServiceUtil.returnSuccess();
@@ -591,11 +591,11 @@ public final class EntityAutoEngine extends
GenericAsyncEngine {
if (parameter != null) {
try {
if (!SecuredUpload.isValidText(parameter,
Collections.emptyList())) {
- Debug.logError("================== Not saved for security
reason ==================", MODULE);
+ Debug.logError("================== Not saved for security
reason ==================", module);
return false;
}
} catch (IOException e) {
- Debug.logError("================== Not saved for security
reason ==================", MODULE);
+ Debug.logError("================== Not saved for security
reason ==================", module);
return false;
}
}
