svn commit: r1812513 - /tomcat/trunk/java/org/apache/tomcat/util/security/Escape.java

Wed, 18 Oct 2017 06:31:15 -0700 

Author: markt
Date: Wed Oct 18 13:30:35 2017
New Revision: 1812513

URL: http://svn.apache.org/viewvc?rev=1812513&view=rev
Log:
Improvements and copy/paste fix after kkolinko review

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/security/Escape.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/security/Escape.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/security/Escape.java?rev=1812513&r1=1812512&r2=1812513&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/security/Escape.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/security/Escape.java Wed Oct 18 
13:30:35 2017
@@ -52,25 +52,25 @@ public class Escape {
             } else if (c == '>') {
                 sb.append(">");
             } else if (c == '\'') {
-                sb.append("'");
+                sb.append("'");
             } else if (c == '&') {
                 sb.append("&");
             } else if (c == '"') {
                 sb.append(""");
             } else if (c == '/') {
-                sb.append("/");
+                sb.append("/");
             } else {
                 sb.append(c);
             }
         }
 
-        return sb.toString();
+        return (sb.length() > content.length()) ? sb.toString() : content;
     }
 
 
     /**
      * Convert the object to a string via {@link Object#toString()} and HTML
-     * escape the resulting string for use in HTMl content.
+     * escape the resulting string for use in HTML content.
      *
      * @param obj       The object to convert to String and then escape
      *
@@ -83,7 +83,7 @@ public class Escape {
         }
 
         try {
-            return xml(obj.toString());
+            return htmlElementContent(obj.toString());
         } catch (Exception e) {
             return null;
         }
@@ -109,8 +109,8 @@ public class Escape {
      * @param ifNull    The value to return if content is {@code null}
      * @param content   The content to escape
      *
-     * @return  The escaped content or the value of ifNull if the content was
-     *          {@code null}
+     * @return  The escaped content or the value of {@code ifNull} if the
+     *          content was {@code null}
      */
     public static String xml(String ifNull, String content) {
         return xml(ifNull, false, content);
@@ -155,6 +155,6 @@ public class Escape {
             }
         }
 
-        return sb.toString();
+        return (sb.length() > content.length()) ? sb.toString(): content;
     }
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to