diff --git a/source/java/org/alfresco/web/app/servlet/GlobalLocalizationFilter.java b/source/java/org/alfresco/web/app/servlet/GlobalLocalizationFilter.java
index 6d85d5727c..094471801f 100644
--- a/source/java/org/alfresco/web/app/servlet/GlobalLocalizationFilter.java
+++ b/source/java/org/alfresco/web/app/servlet/GlobalLocalizationFilter.java
@@ -83,7 +83,12 @@ public class GlobalLocalizationFilter implements Filter
String name = param.substring(0, sepIndex).trim();
if (name.equalsIgnoreCase("charset"))
{
- setCharacterEncoding(param.substring(sepIndex+1).trim());
+ String charset = param.substring(sepIndex + 1).trim();
+ if ((null != charset) && ((charset.startsWith("\"") && charset.endsWith("\"")) || (charset.startsWith("'") && charset.endsWith("'"))))
+ {
+ charset = charset.substring(1, (charset.length() - 1));
+ }
+ setCharacterEncoding(charset);
break;
}
}
diff --git a/source/web/jsp/ml/add-translation-dialog.jsp b/source/web/jsp/ml/add-translation-dialog.jsp
index affdb8fd12..10c1816cfb 100644
--- a/source/web/jsp/ml/add-translation-dialog.jsp
+++ b/source/web/jsp/ml/add-translation-dialog.jsp
@@ -175,15 +175,13 @@
-
-
\ No newline at end of file
diff --git a/source/web/scripts/ajax/common.js b/source/web/scripts/ajax/common.js
index 6ec218da05..b62e5c630f 100644
--- a/source/web/scripts/ajax/common.js
+++ b/source/web/scripts/ajax/common.js
@@ -551,6 +551,17 @@ function onlyDigits(e)
el.style.top = ypos + "px";
}
}
+ },
+
+ encodeHTML: function(text)
+ {
+ if (text === null || typeof text == "undefined")
+ {
+ return "";
+ }
+
+ text = "" + text;
+ return text.replace(/&/g, "&").replace(//g, ">").replace(/"/g, """);
}
};
})();
@@ -736,5 +747,3 @@ function openWindowOnCallback(fromTimeout)
openWindowCallbackFn = null;
}
}
-
-
diff --git a/source/web/scripts/ajax/opensearch.js b/source/web/scripts/ajax/opensearch.js
index e6abeece37..fc3c7df95f 100644
--- a/source/web/scripts/ajax/opensearch.js
+++ b/source/web/scripts/ajax/opensearch.js
@@ -229,14 +229,14 @@ Alfresco.OpenSearchClient.prototype =
var term = document.getElementById(this.id + _SEARCH_TERM_FIELD_ID).value;
var count = document.getElementById(this.id + _PAGE_SIZE_FIELD_ID).value;
- // ADB-134 fix (Error message about not enough search criteria)
- if (term.length < this.minTermLength)
- {
+ // ADB-134 fix (Error message about not enough search criteria)
+ if (term.length < this.minTermLength)
+ {
var errorMsg = this.msgInvalidTermLength.replace("{0}", this.minTermLength);
handleCaughtError(errorMsg);
return;
- }
-
+ }
+
// default the count if its invalid
if (count.length == 0 || isNaN(count) || count < 1)
{
@@ -329,6 +329,8 @@ Alfresco.OpenSearchClient.prototype =
{
var searchUrl = null;
+ term = encodeURIComponent(term);
+
// define regex pattern to look for params
var pattern = /\{+\w*\}+|\{+\w*\?\}+|\{+\w*:\w*\}+|\{+\w*:\w*\?\}+/g;
@@ -503,7 +505,7 @@ Alfresco.OpenSearchClient.prototype =
sb[sb.length] = link;
sb[sb.length] = "'>";
}
- sb[sb.length] = title;
+ sb[sb.length] = Alfresco.Dom.encodeHTML(title);
if (link != null)
{
sb[sb.length] = "";
@@ -520,7 +522,7 @@ Alfresco.OpenSearchClient.prototype =
if (summary != null)
{
sb[sb.length] = "";
- sb[sb.length] = summary;
+ sb[sb.length] = Alfresco.Dom.encodeHTML(summary);
sb[sb.length] = "
";
}
sb[sb.length] = "";