zydronium/websitepanel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update AntiXSS Protection

Browse source
This commit is contained in:
Virtuworks 2012-08-25 12:26:54 -04:00
parent 27fab29a16
commit 3e5581611c
63 changed files with 636 additions and 183 deletions
Download patch file Download diff file Expand all files Collapse all files

11
WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/SpaceEditDetails.ascx.cs
View file

@ -29,7 +29,6 @@
using System;
using System.Web.UI.WebControls;
using WebsitePanel.EnterpriseServer;
using Microsoft.Security.Application;
namespace WebsitePanel.Portal
{
@ -53,8 +52,8 @@ namespace WebsitePanel.Portal
BindHostingPlans();
// bind space
txtName.Text = Server.HtmlDecode(package.PackageName);
txtComments.Text = Server.HtmlDecode(package.PackageComments);
txtName.Text = PortalAntiXSS.DecodeOld(package.PackageName);
txtComments.Text = PortalAntiXSS.DecodeOld(package.PackageComments);
PurchaseDate.SelectedDate = package.PurchaseDate;
serverDetails.ServerId = package.ServerId;
Utils.SelectListItem(ddlPlan, package.PlanId);
@ -110,8 +109,8 @@ namespace WebsitePanel.Portal
package = ES.Services.Packages.GetPackage(PanelSecurity.PackageId);
package.PackageId = PanelSecurity.PackageId;
package.PackageName = Server.HtmlEncode(txtName.Text);
package.PackageComments = Server.HtmlEncode(txtComments.Text);
package.PackageName = txtName.Text;
package.PackageComments = txtComments.Text;
package.PlanId = Utils.ParseInt(ddlPlan.SelectedValue, 0);
package.PurchaseDate = PurchaseDate.SelectedDate;
@ -129,7 +128,7 @@ namespace WebsitePanel.Portal
if (result.Result < 0)
{
ShowResultMessage(result.Result);
lblMessage.Text = Microsoft.Security.Application.Encoder.HtmlEncode(GetExceedingQuotasMessage(result.ExceedingQuotas));
lblMessage.Text = PortalAntiXSS.Encode(GetExceedingQuotasMessage(result.ExceedingQuotas));
return;
}
}