From 5a21271a367a85507d399e15ce66861efb320b11 Mon Sep 17 00:00:00 2001
From: Jouni Koivuviita
Date: Thu, 24 Jul 2008 07:57:56 +0000
Subject: [PATCH] Fixed a possible security vulnerability in IWindow. The window caption string was not escaped, and any HTML could be passed and parsed inside it. svn changeset:5115/svn branch:trunk
---
 src/com/itmill/toolkit/terminal/gwt/client/ui/IWindow.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/com/itmill/toolkit/terminal/gwt/client/ui/IWindow.java b/src/com/itmill/toolkit/terminal/gwt/client/ui/IWindow.java
index 10bfd939be..76c7a9ea81 100644
--- a/src/com/itmill/toolkit/terminal/gwt/client/ui/IWindow.java
+++ b/src/com/itmill/toolkit/terminal/gwt/client/ui/IWindow.java
@@ -491,7 +491,7 @@ public class IWindow extends PopupPanel implements Paintable, ScrollListener {
 }
 public void setCaption(String c, String icon) {
- String html = c;
+ String html = Util.escapeHTML(c);
 if (icon != null) {
 icon = client.translateToolkitUri(icon);
 html = "" + html;
-- 
2.39.5
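Review bot: The new `String html = Util.escapeHTML(c);` escapes only the caption text, while the `if (icon != null)` branch still extends `html` by string concatenation after `client.translateToolkitUri(icon)`; the literal on that line is not legible in this view. If the translated icon URI is placed into markup there, it should not reach the DOM as raw string-built HTML either. Setting it through an attribute setter on an image element would avoid relying on text escaping in an attribute context. A short comment on `setCaption`, such as `// caption is plain text; escaped because html is rendered as markup`, would tell later callers not to pass pre-built HTML. Whether `Util.escapeHTML` tolerates a null caption cannot be seen from here. The rest of `setCaption`, including the point where `html` is written out, lies outside the hunk.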