Do not take information from request parameters which opens page up to XSS attacks...
authorlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 19 Sep 2008 11:09:09 +0000 (11:09 +0000)
committerlajoie <lajoie@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 19 Sep 2008 11:09:09 +0000 (11:09 +0000)
commitc2281e462f7f8874dd8459053f89d66840d06379
tree37c5c6a65ceccfec55ff555cdf44bcbd3ed94594
parent3a976d59902b2b5cb8726de65993db036838c2f3
Do not take information from request parameters which opens page up to XSS attacks - SIDP-226

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/branches/REL_2@2763 ab3bd59b-922f-494d-bb5f-6f0a3c29deca
doc/RELEASE-NOTES.txt
src/main/java/edu/internet2/middleware/shibboleth/idp/authn/provider/UsernamePasswordLoginServlet.java
src/main/webapp/login.jsp