add String escaping on same methods

author: Thomas Lenz <thomas.lenz@egiz.gv.at> 2017-11-26 21:04:51 +0100
committer: Thomas Lenz <thomas.lenz@egiz.gv.at> 2017-11-26 21:04:51 +0100
commit: cc09b52b5cb1c93543d8b4353dfc59b8192e79af (patch)
tree: c66cabed572557945ff66da64d3babe8df11143d /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls
parent: 7cba2dfc31076ac4ec9f4a46bc4901e7dd082121 (diff)
download: moa-id-spss-cc09b52b5cb1c93543d8b4353dfc59b8192e79af.tar.gz
moa-id-spss-cc09b52b5cb1c93543d8b4353dfc59b8192e79af.tar.bz2
moa-id-spss-cc09b52b5cb1c93543d8b4353dfc59b8192e79af.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index aff2c83ad..3770dad2f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -161,7 +161,7 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 		Logger.info("Remove active user-session");
 
 		if(internalMOASsoSessionID == null) {
-			internalMOASsoSessionID = (String) request.getParameter(PARAM_SESSIONID);
+			internalMOASsoSessionID = StringEscapeUtils.escapeHtml((String) request.getParameter(PARAM_SESSIONID));
 		}
 		
 		if(internalMOASsoSessionID == null) {
author	Thomas Lenz <thomas.lenz@egiz.gv.at>	2017-11-26 21:04:51 +0100
committer	Thomas Lenz <thomas.lenz@egiz.gv.at>	2017-11-26 21:04:51 +0100
commit	cc09b52b5cb1c93543d8b4353dfc59b8192e79af (patch)
tree	c66cabed572557945ff66da64d3babe8df11143d /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls
parent	7cba2dfc31076ac4ec9f4a46bc4901e7dd082121 (diff)
download	moa-id-spss-cc09b52b5cb1c93543d8b4353dfc59b8192e79af.tar.gz moa-id-spss-cc09b52b5cb1c93543d8b4353dfc59b8192e79af.tar.bz2 moa-id-spss-cc09b52b5cb1c93543d8b4353dfc59b8192e79af.zip