diff --git a/UnicodeJsps/pom.xml b/UnicodeJsps/pom.xml index 85f531be6..98f0e75b2 100644 --- a/UnicodeJsps/pom.xml +++ b/UnicodeJsps/pom.xml @@ -80,7 +80,19 @@ unicodetools-testutils test - + + + org.owasp.encoder + encoder + 1.2.3 + + + + org.owasp.encoder + encoder-jsp + 1.2.3 + + ${project.artifactId} diff --git a/UnicodeJsps/src/main/webapp/bidic.jsp b/UnicodeJsps/src/main/webapp/bidic.jsp index b7d3b6e77..0b5b43651 100644 --- a/UnicodeJsps/src/main/webapp/bidic.jsp +++ b/UnicodeJsps/src/main/webapp/bidic.jsp @@ -1,3 +1,4 @@ +<%@ page import="org.owasp.encoder.Encode" %> @@ -258,7 +259,7 @@ function setUbaInput(str) { - + diff --git a/UnicodeJsps/src/main/webapp/bnf.jsp b/UnicodeJsps/src/main/webapp/bnf.jsp index e2ae2215d..2f133db04 100644 --- a/UnicodeJsps/src/main/webapp/bnf.jsp +++ b/UnicodeJsps/src/main/webapp/bnf.jsp @@ -1,3 +1,4 @@ +<%@ page import="org.owasp.encoder.Encode" %> <%@ include file="header.jsp" %> @@ -50,23 +51,23 @@ Input - + TestText - +
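Review bot: The `encoder-jsp` artifact added next to `encoder` in this pom.xml hunk appears unused by the rest of the commit. The JSP hunks visible here only add `<%@ page import="org.owasp.encoder.Encode" %>` and call `Encode.forHtmlContent` / `Encode.forHtmlAttribute`, which come from the core `encoder` artifact. If the tag library and EL functions are not going to be used, dropping the second dependency keeps the webapp's dependency surface smaller. The version `1.2.3` is also written twice; a single property (for example `<owasp.encoder.version>1.2.3</owasp.encoder.version>`) referenced from both entries would keep them from drifting apart.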

Modified BNF Pattern

-

<%=fixedbnf%>

+

<%=Encode.forHtmlContent(fixedbnf)%>


Underlined Find Values

-

<%=testPattern%>

+

<%=Encode.forHtmlContent(testPattern)%>


Random Generation

<%=random%> diff --git a/UnicodeJsps/src/main/webapp/breaks.jsp b/UnicodeJsps/src/main/webapp/breaks.jsp index 8b76191a0..85b6476f3 100644 --- a/UnicodeJsps/src/main/webapp/breaks.jsp +++ b/UnicodeJsps/src/main/webapp/breaks.jsp @@ -1,3 +1,4 @@ +<%@ page import="org.owasp.encoder.Encode" %> @@ -38,7 +39,7 @@ span.break { border-right: 1px solid red;} - + <%=UnicodeJsp.showBreaks(text, choice)%>  diff --git a/UnicodeJsps/src/main/webapp/idna.jsp b/UnicodeJsps/src/main/webapp/idna.jsp index e3c9087fe..cbec9d295 100644 --- a/UnicodeJsps/src/main/webapp/idna.jsp +++ b/UnicodeJsps/src/main/webapp/idna.jsp @@ -1,3 +1,4 @@ +<%@ page import="org.owasp.encoder.Encode" %> <%@ include file="header.jsp" %> @@ -29,7 +30,7 @@ For special characters, you can use Picker - + diff --git a/UnicodeJsps/src/main/webapp/languageid.jsp b/UnicodeJsps/src/main/webapp/languageid.jsp index 743167212..8f9d5aad6 100644 --- a/UnicodeJsps/src/main/webapp/languageid.jsp +++ b/UnicodeJsps/src/main/webapp/languageid.jsp @@ -1,3 +1,4 @@ +<%@ page import="org.owasp.encoder.Encode" %> <%@ include file="header.jsp" %> @@ -45,7 +46,7 @@ Input - + diff --git a/UnicodeJsps/src/main/webapp/list-unicodeset.jsp b/UnicodeJsps/src/main/webapp/list-unicodeset.jsp index d54840033..4c031c878 100644 --- a/UnicodeJsps/src/main/webapp/list-unicodeset.jsp +++ b/UnicodeJsps/src/main/webapp/list-unicodeset.jsp @@ -1,5 +1,6 @@ +<%@ page import="org.owasp.encoder.Encode" %> <%@ include file="header.jsp" %> Unicode Utilities: UnicodeSet @@ -36,7 +37,7 @@ Input - + @@ -46,9 +47,9 @@ name="ucd">   name="esc">   - name="g" size="25" value="<%=group%>"> + name="g" size="25" value="<%=Encode.forHtmlAttribute(group)%>"> - name="i" size="25" value="<%=info%>"> + name="i" size="25" value="<%=Encode.forHtmlAttribute(info)%>"> diff --git a/UnicodeJsps/src/main/webapp/regex.jsp b/UnicodeJsps/src/main/webapp/regex.jsp index 54ce4549d..4662be132 100644 --- a/UnicodeJsps/src/main/webapp/regex.jsp 
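Review bot: `<%=random%>` under "Random Generation" at the end of this bnf.jsp hunk is still written to the page raw, while `fixedbnf` and `testPattern` directly above it now go through `Encode.forHtmlContent`. If `random` is generated from the submitted grammar it can carry request-derived characters into the markup, so it should either become `<%=Encode.forHtmlContent(random)%>` or, if it intentionally contains markup, be escaped where it is built. The same applies to the unchanged `<%=UnicodeJsp.showBreaks(text, choice)%>` in the breaks.jsp hunk, where the escaping has to happen inside `showBreaks` (not visible here) because its output presumably contains the `span.break` elements the page styles. A one-line JSP comment next to each remaining raw expression, stating where its escaping happens, would make the audit of this change easier to follow.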
+++ b/UnicodeJsps/src/main/webapp/regex.jsp @@ -1,3 +1,4 @@ +<%@ page import="org.owasp.encoder.Encode" %> <%@ include file="header.jsp" %> @@ -41,20 +42,20 @@ Input - + TestText - +

Modified Regex Pattern

-

<%=fixedRegex%>

+

<%=Encode.forHtmlContent(fixedRegex)%>


Underlined Find Values

<%=testPattern%>
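Review bot: `<%=testPattern%>` under "Underlined Find Values" is left unencoded in this regex.jsp hunk, although the bnf.jsp hunk of the same commit wraps its `testPattern` in `Encode.forHtmlContent`. One of the two is likely wrong: if the value carries the underline markup the heading suggests, the bnf.jsp page will now display literal tags, and if it is plain text this line is a remaining output sink for the submitted test text. Escaping the user-supplied text inside the helper that adds the underlining, and recording that contract with a comment such as `<%-- testPattern is pre-escaped HTML built by the helper --%>`, would let both pages emit the value the same way.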

diff --git a/UnicodeJsps/src/main/webapp/transform.jsp b/UnicodeJsps/src/main/webapp/transform.jsp index c39d9e0c5..a5aa33439 100644 --- a/UnicodeJsps/src/main/webapp/transform.jsp +++ b/UnicodeJsps/src/main/webapp/transform.jsp @@ -1,3 +1,4 @@ +<%@ page import="org.owasp.encoder.Encode" %> <%@ include file="header.jsp" %> @@ -24,13 +25,13 @@ Transform Rules - + Sample - +