From 1b776066b14358b7380d4c4b8fe8f6743ee96da1 Mon Sep 17 00:00:00 2001 From: Justin Carter Date: Fri, 12 Feb 2016 09:52:53 +1100 Subject: [PATCH] FC-3062 encode HTML output in 500 page error details --- packages/lib/error.cfc | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/packages/lib/error.cfc b/packages/lib/error.cfc index 573ba2593..0f5ea5da9 100644 --- a/packages/lib/error.cfc +++ b/packages/lib/error.cfc @@ -346,28 +346,30 @@ #padResource('error.overview@label','Error Overview')#") /> ") /> - ") /> - ") /> + ") /> + ") /> ") /> ") /> - ") /> - ") /> + ") /> + ") /> ") /> ") /> ") /> - ") /> + ") />

#padResource('error.details@label','Error Details')#

Core Version:#arguments.exception.coreVersion#
#padResource('error.overview.machine@label','Machine')#:#arguments.exception.machineName#
#padResource('error.overview.instance@label','Instance')#:#arguments.exception.instancename#
#padResource('error.overview.machine@label','Machine')#:#encodeErrorText(arguments.exception.machineName)#
#padResource('error.overview.instance@label','Instance')#:#encodeErrorText(arguments.exception.instancename)#
#padResource('error.overview.message@label','Message')#:#encodeErrorText(arguments.exception.message)#
#padResource('error.overview.browser@label','Browser')#:#encodeErrorText(arguments.exception.browser)#
#padResource('error.overview.datetime@label','DateTime')#:#arguments.exception.datetime#
#padResource('error.overview.host@label','Host')#:#arguments.exception.host#
#padResource('error.overview.datetime@label','DateTime')#:#encodeErrorText(arguments.exception.datetime)#
#padResource('error.overview.host@label','Host')#:#encodeErrorText(arguments.exception.host)#
#padResource('error.overview.httpreferer@label','HTTPReferer')#:#encodeErrorText(arguments.exception.httpreferer)#
#padResource('error.overview.querystring@label','QueryString')#:#encodeErrorText(arguments.exception.querystring)#
#padResource('error.overview.remoteaddress@label','RemoteAddress')#:#encodeErrorText(arguments.exception.remoteaddress)#
#padResource('error.overview.bot@label','Bot')#:#arguments.exception.bot#
#padResource('error.overview.bot@label','Bot')#:#encodeErrorText(arguments.exception.bot)#
") /> - ") /> + ") /> - - ") /> + + ") /> + + ") /> - ") /> + ") /> - ") /> + ") /> ") />
#padResource('error.details.exceptiontype@label','Exception Type')#:#arguments.exception.type#
#padResource('error.details.exceptiontype@label','Exception Type')#:#encodeErrorText(arguments.exception.type)#
#padResource('error.details.detail@label','Detail')#:#arguments.exception.detail#
#padResource('error.details.detail@label','Detail')#:
#encodeErrorText(application.fapi.formatJSON(arguments.exception.detail))#
#padResource('error.details.detail@label','Detail')#:#encodeErrorText(arguments.exception.detail)#
#padResource('error.details.extendedinfo@label','Extended Info')#:#arguments.exception.extended_info#
#padResource('error.details.extendedinfo@label','Extended Info')#:#encodeErrorText(arguments.exception.extended_info)#
#padResource('error.details.error@label','Error')#:#arguments.exception.queryError#
#padResource('error.details.error@label','Error')#:#encodeErrorText(arguments.exception.queryError)#
#padResource('error.details.sql@label','SQL')#:#encodeErrorText(arguments.exception.sql)#