zydronium/websitepanel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Quick fix for issue tracker #315

Browse source 
- AntiXSS Library upgraded from version 1.5 to 4.2.1
- WebPortal web.config changed to force framework to use AntiXSS
- obsolete AntiXss.HtmlEncode calls replaced with Microsoft.Security.Application.Encoder.HtmlEncode
This commit is contained in:
rdolezel 2012-08-09 17:56:41 +02:00
parent 141efa1b1b
commit 29c1a54382
23 changed files with 41 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

4
WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeContactGeneralSettings.ascx.cs
View file

@ -64,7 +64,7 @@ namespace WebsitePanel.Portal.ExchangeServer
ExchangeContact contact = ES.Services.ExchangeServer.GetContactGeneralSettings(PanelRequest.ItemID,
PanelRequest.AccountID);
litDisplayName.Text = AntiXss.HtmlEncode(contact.DisplayName);
litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(contact.DisplayName);
// bind form
txtDisplayName.Text = contact.DisplayName;
@ -146,7 +146,7 @@ namespace WebsitePanel.Portal.ExchangeServer
return;
}
litDisplayName.Text = AntiXss.HtmlEncode(txtDisplayName.Text);
litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtDisplayName.Text);
messageBox.ShowSuccessMessage("EXCHANGE_UPDATE_CONTACT_SETTINGS");
}

2
WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangeDistributionListGeneralSettings.ascx.cs
View file

@ -105,7 +105,7 @@ namespace WebsitePanel.Portal.ExchangeServer
return;
}
litDisplayName.Text = AntiXss.HtmlEncode(txtDisplayName.Text);
litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(txtDisplayName.Text);
messageBox.ShowSuccessMessage("EXCHANGE_UPDATE_DLIST_SETTINGS");
}

2
WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/ExchangePublicFolderGeneralSettings.ascx.cs
View file

@ -120,7 +120,7 @@ namespace WebsitePanel.Portal.ExchangeServer
string origName = litDisplayName.Text;
origName = origName.Substring(0, origName.LastIndexOf("\\"));
litDisplayName.Text = AntiXss.HtmlEncode(origName + txtName.Text);
litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(origName + txtName.Text);
BindSettings();
}

2
WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/ExchangeServer/OrganizationUserGeneralSettings.ascx.cs
View file

@ -70,7 +70,7 @@ namespace WebsitePanel.Portal.HostedSolution
OrganizationUser user = ES.Services.Organizations.GetUserGeneralSettings(PanelRequest.ItemID,
PanelRequest.AccountID);
litDisplayName.Text = AntiXss.HtmlEncode(user.DisplayName);
litDisplayName.Text = Microsoft.Security.Application.Encoder.HtmlEncode(user.DisplayName);
lblUserDomainName.Text = user.DomainUserName;