diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/blogs/blogpost.lib.ftl b/config/alfresco/templates/webscripts/org/alfresco/repository/blogs/blogpost.lib.ftl index 7f3a11140d..3ed2dee382 100644 --- a/config/alfresco/templates/webscripts/org/alfresco/repository/blogs/blogpost.lib.ftl +++ b/config/alfresco/templates/webscripts/org/alfresco/repository/blogs/blogpost.lib.ftl @@ -16,9 +16,9 @@ <#macro addContent item> <#escape x as jsonUtils.encodeJSONString(x)> <#if (contentLength?? && contentLength > -1 && (item.node.content?length > contentLength))> - "content" : "${item.node.content?substring(0, contentLength)}", + "content" : "${stringUtils.stripUnsafeHTML(item.node.content?substring(0, contentLength))}", <#else> - "content" : "${item.node.content}", + "content" : "${stringUtils.stripUnsafeHTML(item.node.content)}", diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/blogs/posts/blog-posts.get.js b/config/alfresco/templates/webscripts/org/alfresco/repository/blogs/posts/blog-posts.get.js index bcad947189..fd31c3026c 100644 --- a/config/alfresco/templates/webscripts/org/alfresco/repository/blogs/posts/blog-posts.get.js +++ b/config/alfresco/templates/webscripts/org/alfresco/repository/blogs/posts/blog-posts.get.js @@ -72,7 +72,7 @@ function main() } // selected tag - var tag = args["tag"] != undefined && args["tag"].length > 0 ? args["tag"] : null; + var tag = (args["tag"] != undefined && args["tag"].length > 0) ? args["tag"] : null; // fetch and assign the data model.data = getBlogPostList(node, fromDate, toDate, tag, index, count); diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/comments/comment.lib.ftl b/config/alfresco/templates/webscripts/org/alfresco/repository/comments/comment.lib.ftl index 28fa72309e..ddf724b303 100644 --- a/config/alfresco/templates/webscripts/org/alfresco/repository/comments/comment.lib.ftl +++ b/config/alfresco/templates/webscripts/org/alfresco/repository/comments/comment.lib.ftl @@ -24,7 +24,7 @@ "nodeRef" : "${item.node.nodeRef}", "name" : "${item.node.properties.name!''}", "title" : "${item.node.properties.title!''}", - "content" : "${item.node.content}", + "content" : "${stringUtils.stripUnsafeHTML(item.node.content)}", <#if item.author??> <@renderPerson person=item.author fieldName="author" /> <#else> diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/discussions/forum/forum-posts.get.js b/config/alfresco/templates/webscripts/org/alfresco/repository/discussions/forum/forum-posts.get.js index 1be08c2b36..7ab9710b14 100644 --- a/config/alfresco/templates/webscripts/org/alfresco/repository/discussions/forum/forum-posts.get.js +++ b/config/alfresco/templates/webscripts/org/alfresco/repository/discussions/forum/forum-posts.get.js @@ -36,7 +36,7 @@ function main() var count = args["pageSize"] != undefined ? parseInt(args["pageSize"]) : 10; // selected tag - var tag = args["tag"] != undefined && args["tag"].length > 0 ? args["tag"] : null; + var tag = (args["tag"] != undefined && args["tag"].length > 0) ? args["tag"] : null; model.data = getTopicPostList(node, tag, index, count); diff --git a/config/alfresco/templates/webscripts/org/alfresco/repository/discussions/post.lib.ftl b/config/alfresco/templates/webscripts/org/alfresco/repository/discussions/post.lib.ftl index b1fa8f49ca..8ff3811cbe 100644 --- a/config/alfresco/templates/webscripts/org/alfresco/repository/discussions/post.lib.ftl +++ b/config/alfresco/templates/webscripts/org/alfresco/repository/discussions/post.lib.ftl @@ -16,9 +16,9 @@ <#macro addContent post> <#escape x as jsonUtils.encodeJSONString(x)> <#if (contentLength?? && contentLength > -1 && (post.content?length > contentLength))> - "content" : "${post.content?substring(0, contentLength)}", + "content" : "${stringUtils.stripUnsafeHTML(post.content?substring(0, contentLength))}", <#else> - "content" : "${post.content}", + "content" : "${stringUtils.stripUnsafeHTML(post.content)}",