mirror of
https://codeberg.org/Mercury-IM/Smack
synced 2024-11-27 00:32:07 +01:00
Switch or's to and's so that the exploit can't be used note that this doesn't fix the issue of invalid XML. SMACK-65
git-svn-id: http://svn.igniterealtime.org/svn/repos/smack/trunk@4343 b35dd754-fafc-0310-a699-88a17e54d16e
This commit is contained in:
parent
c4168bf3d7
commit
639386759a
1 changed files with 2 additions and 2 deletions
|
@ -70,12 +70,12 @@ public class XHTMLExtensionProvider implements PacketExtensionProvider {
|
|||
buffer.append(StringUtils.escapeForXML(parser.getText()));
|
||||
}
|
||||
} else if (eventType == XmlPullParser.END_TAG) {
|
||||
if (parser.getName().equals("body") || parser.getDepth() <= depth) {
|
||||
if (parser.getName().equals("body") && parser.getDepth() <= depth) {
|
||||
buffer.append(parser.getText());
|
||||
xhtmlExtension.addBody(buffer.toString());
|
||||
}
|
||||
else if (parser.getName().equals(xhtmlExtension.getElementName())
|
||||
|| parser.getDepth() <= startDepth) {
|
||||
&& parser.getDepth() <= startDepth) {
|
||||
done = true;
|
||||
}
|
||||
else {
|
||||
|
|
Loading…
Reference in a new issue