Skip to content

Commit af4fc92

Browse files
fortunatomaldonadobrianchandotcom
fortunatomaldonado
authored and
brianchandotcom
committed
LPD-57867 Adjust to prevent vulnerability
1 parent 1604588 commit af4fc92

File tree

2 files changed

+19
-15
lines changed

2 files changed

+19
-15
lines changed

portal-web/docroot/html/common/themes/bottom_js.jspf

Lines changed: 19 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -208,17 +208,27 @@ if (layout != null) {
208208
UnicodeProperties layoutSetSettingsUnicodeProperties = layoutSet.getSettingsProperties();
209209

210210
UnicodeProperties layoutTypeSettingsUnicodeProperties = layout.getTypeSettingsProperties();
211+
212+
String snippet = GetterUtil.getString(layoutSetSettingsUnicodeProperties.getProperty("javascript"));
213+
%>
214+
215+
<c:if test="<%= Validator.isNotNull(snippet) %>">
216+
<%@ include file="/html/common/themes/bottom_js_script.jspf" %>
217+
</c:if>
218+
219+
<%
220+
snippet = GetterUtil.getString(masterLayoutTypeSettingsUnicodeProperties.getProperty("javascript"));
211221
%>
212222

213-
<liferay-util:include page="/html/common/themes/bottom_js_script.jsp">
214-
<liferay-util:param name="snippet" value='<%= GetterUtil.getString(layoutSetSettingsUnicodeProperties.getProperty("javascript")) %>' />
215-
</liferay-util:include>
223+
<c:if test="<%= Validator.isNotNull(snippet) %>">
224+
<%@ include file="/html/common/themes/bottom_js_script.jspf" %>
225+
</c:if>
216226

217-
<liferay-util:include page="/html/common/themes/bottom_js_script.jsp">
218-
<liferay-util:param name="snippet" value='<%= GetterUtil.getString(masterLayoutTypeSettingsUnicodeProperties.getProperty("javascript")) %>' />
219-
</liferay-util:include>
227+
<%
228+
snippet = GetterUtil.getString(layoutTypeSettingsUnicodeProperties.getProperty("javascript"));
229+
%>
220230

221-
<liferay-util:include page="/html/common/themes/bottom_js_script.jsp">
222-
<liferay-util:param name="snippet" value='<%= GetterUtil.getString(layoutTypeSettingsUnicodeProperties.getProperty("javascript")) %>' />
223-
</liferay-util:include>
231+
<c:if test="<%= Validator.isNotNull(snippet) %>">
232+
<%@ include file="/html/common/themes/bottom_js_script.jspf" %>
233+
</c:if>
224234
</c:if>

portal-web/docroot/html/common/themes/bottom_js_script.jsp renamed to portal-web/docroot/html/common/themes/bottom_js_script.jspf

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -5,12 +5,6 @@
55
*/
66
--%>
77

8-
<%@ include file="/html/common/init.jsp" %>
9-
10-
<%
11-
String snippet = ParamUtil.getString(request, "snippet");
12-
%>
13-
148
<c:if test="<%= Validator.isNotNull(snippet) %>">
159
<aui:script type="text/javascript">
1610
// <![CDATA[

0 commit comments

Comments
 (0)