mirror of
https://github.com/vanitasvitae/Smack.git
synced 2024-11-29 23:42:06 +01:00
Switch or's to and's so that the exploit can't be used note that this doesn't fix the issue of invalid XML. SMACK-65
git-svn-id: http://svn.igniterealtime.org/svn/repos/smack/trunk@4343 b35dd754-fafc-0310-a699-88a17e54d16e
This commit is contained in:
parent
c4168bf3d7
commit
639386759a
1 changed files with 2 additions and 2 deletions
|
@ -70,12 +70,12 @@ public class XHTMLExtensionProvider implements PacketExtensionProvider {
|
||||||
buffer.append(StringUtils.escapeForXML(parser.getText()));
|
buffer.append(StringUtils.escapeForXML(parser.getText()));
|
||||||
}
|
}
|
||||||
} else if (eventType == XmlPullParser.END_TAG) {
|
} else if (eventType == XmlPullParser.END_TAG) {
|
||||||
if (parser.getName().equals("body") || parser.getDepth() <= depth) {
|
if (parser.getName().equals("body") && parser.getDepth() <= depth) {
|
||||||
buffer.append(parser.getText());
|
buffer.append(parser.getText());
|
||||||
xhtmlExtension.addBody(buffer.toString());
|
xhtmlExtension.addBody(buffer.toString());
|
||||||
}
|
}
|
||||||
else if (parser.getName().equals(xhtmlExtension.getElementName())
|
else if (parser.getName().equals(xhtmlExtension.getElementName())
|
||||||
|| parser.getDepth() <= startDepth) {
|
&& parser.getDepth() <= startDepth) {
|
||||||
done = true;
|
done = true;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
Loading…
Reference in a new issue