Adding render time filtering of script elements to avoid javascript based security exploits. NIHVIVO-2678

2011-07-11 23:21:43 +00:00 · 2011-07-11 23:21:43 +00:00 · 40fef365bd
commit 40fef365bd
parent 40189139bb
1 changed files with 1 additions and 1 deletions
--- a/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individuallist/ListedIndividual.java
+++ b/src/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individuallist/ListedIndividual.java
@ -23,7 +23,7 @@ public class ListedIndividual extends BaseListedIndividual {
    /* Access methods for templates */
    
    public String getPreferredTitle() {
-        return individual.getDataValue(CORE + "preferredTitle");
+        return cleanTextForDisplay( individual.getDataValue(CORE + "preferredTitle") );
    }
    
    // Add method to get core:webpages