diff options
Diffstat (limited to 'src/com/vaadin/terminal/gwt/client/Util.java')
| -rw-r--r-- | src/com/vaadin/terminal/gwt/client/Util.java | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/src/com/vaadin/terminal/gwt/client/Util.java b/src/com/vaadin/terminal/gwt/client/Util.java index c446d90fca..34c52357cd 100644 --- a/src/com/vaadin/terminal/gwt/client/Util.java +++ b/src/com/vaadin/terminal/gwt/client/Util.java @@ -259,6 +259,22 @@ public class Util { } /** + * Escapes the string so it is safe to write inside an HTML attribute. + * + * @param attribute + * The string to escape + * @return An escaped version of <literal>attribute</literal>. + */ + public static String escapeAttribute(String attribute) { + attribute = attribute.replace("\"", """); + attribute = attribute.replace("'", "'"); + attribute = attribute.replace(">", ">"); + attribute = attribute.replace("<", "<"); + attribute = attribute.replace("&", "&"); + return attribute; + } + + /** * Adds transparent PNG fix to image element; only use for IE6. * * @param el @@ -1075,8 +1091,10 @@ public class Util { ArrayList<String[]> vars = new ArrayList<String[]>(); for (int i = 0; i < loggedBurst.size(); i++) { String value = loggedBurst.get(i++); - String[] split = loggedBurst.get(i).split( - ApplicationConnection.VAR_FIELD_SEPARATOR); + String[] split = loggedBurst + .get(i) + .split(String + .valueOf(ApplicationConnection.VAR_FIELD_SEPARATOR)); String id = split[0]; if (curId == null) { |