From a74ddc24545ec45d0bb82ca2bb8f628ffdaa9da3 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 10 Oct 2014 12:04:39 -0400
Subject: [PATCH] Improve relative path determination using Java 7 Paths

---
 src/main/java/com/gitblit/wicket/panels/TicketListPanel.java |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/panels/TicketListPanel.java b/src/main/java/com/gitblit/wicket/panels/TicketListPanel.java
index c7079c8..cc0b57a 100644
--- a/src/main/java/com/gitblit/wicket/panels/TicketListPanel.java
+++ b/src/main/java/com/gitblit/wicket/panels/TicketListPanel.java
@@ -130,9 +130,10 @@
 							Repository db = app().repositories().getRepository(repository.name);
 							BugtraqProcessor btp  = new BugtraqProcessor(app().settings());
 							String content = btp.processText(db, repository.name, labelItem.getModelObject());
+							String safeContent = app().xssFilter().relaxed(content);
 							db.close();
 
-							label = new Label("label", content);
+							label = new Label("label", safeContent);
 							label.setEscapeModelStrings(false);
 
 							tLabel = app().tickets().getLabel(repository, labelItem.getModelObject());

--
Gitblit v1.9.1