Changeset 571 for trunk/grails-app/taglib
- Timestamp:
- Jun 16, 2010, 3:36:04 PM (11 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/grails-app/taglib/dbnp/studycapturing/WizardTagLib.groovy
r568 r571 522 522 def termSelect = { attrs -> 523 523 def from = [] 524 println "termSelect --> " + attrs525 524 526 525 // got ontologies? … … 681 680 if (grailsApplication.config.crypto) { 682 681 // generate a Blowfish encrypted and Base64 encoded string. 683 attrs['entity'] = Blowfish.encryptBase64( 684 entity.toString().replaceAll(/^class /, ''), 685 grailsApplication.config.crypto.shared.secret 682 attrs['entity'] = URLEncoder.encode( 683 Blowfish.encryptBase64( 684 entity.toString().replaceAll(/^class /, ''), 685 grailsApplication.config.crypto.shared.secret 686 ) 686 687 ) 687 688 } else { 688 689 // base64 only; this is INSECURE! As this class 689 690 // is instantiated elsewehere. Possibly exploitable! 690 attrs['entity'] = entity.toString().replaceAll(/^class /, '').bytes.encodeBase64()691 } 692 691 attrs['entity'] = URLEncoder.encode(entity.toString().replaceAll(/^class /, '').bytes.encodeBase64()) 692 } 693 693 694 // fetch templates 694 695 attrs.from = (entity) ? Template.findAllByEntity(entity) : Template.findAll() … … 870 871 out << '<div class="' + attrs.get('class') + '">' 871 872 } 872 873 println ".SHOWING "+it.type.toString()874 873 875 874 switch (it.type.toString()) {
Note: See TracChangeset
for help on using the changeset viewer.