Smack now escapes passwords.

git-svn-id: http://svn.igniterealtime.org/svn/repos/smack/trunk@3470 b35dd754-fafc-0310-a699-88a17e54d16e
2024-11-23 04:22:05 +01:00 · 2006-02-16 20:07:18 +00:00 · 2006-02-16 20:07:18 +00:00 · 665bf172f7
commit 665bf172f7
parent 4c45715780
1 changed files with 5 additions and 5 deletions
--- a/source/org/jivesoftware/smack/packet/Authentication.java
+++ b/source/org/jivesoftware/smack/packet/Authentication.java
@ -38,7 +38,7 @@ public class Authentication extends IQ {
     * "set" mode in order to perform an actual authentication with the server.
     * In order to send a "get" request to get the available authentication
     * modes back from the server, change the type of the IQ packet to "get":
-     *
+     * <p/>
     * <p><tt>setType(IQ.Type.GET);</tt>
     */
    public Authentication() {
@ -105,7 +105,7 @@ public class Authentication extends IQ {
     * authentication mode will be used.
     *
     * @param connectionID the connection ID.
-     * @param password the password.
+     * @param password     the password.
     * @see org.jivesoftware.smack.XMPPConnection#getConnectionID()
     */
    public void setDigest(String connectionID, String password) {
@ -120,7 +120,7 @@ public class Authentication extends IQ {
     * If only one value is set, the respective authentication mode will be used.
     *
     * @param digest the digest, which is the SHA-1 hash of the connection ID
-     *      the user's password, encoded as hex.
+     *               the user's password, encoded as hex.
     * @see org.jivesoftware.smack.XMPPConnection#getConnectionID()
     */
    public void setDigest(String digest) {
@ -153,7 +153,7 @@ public class Authentication extends IQ {
                buf.append("<username/>");
            }
            else {
-                buf.append("<username>").append( username).append("</username>");
+                buf.append("<username>").append(username).append("</username>");
            }
        }
        if (digest != null) {
@ -169,7 +169,7 @@ public class Authentication extends IQ {
                buf.append("<password/>");
            }
            else {
-                buf.append("<password>").append(password).append("</password>");
+                buf.append("<password>").append(StringUtils.escapeForXML(password)).append("</password>");
            }
        }
        if (resource != null) {