escape HTML in rich tooltips
diff --git a/modeling/plugins/org.eclipse.pde.emfforms/META-INF/MANIFEST.MF b/modeling/plugins/org.eclipse.pde.emfforms/META-INF/MANIFEST.MF
index b6f8ec2..03521d7 100644
--- a/modeling/plugins/org.eclipse.pde.emfforms/META-INF/MANIFEST.MF
+++ b/modeling/plugins/org.eclipse.pde.emfforms/META-INF/MANIFEST.MF
@@ -29,5 +29,6 @@
org.eclipse.pde.emfforms.internal;x-internal:=true,
org.eclipse.pde.emfforms.internal.editor;x-internal:=true,
org.eclipse.pde.emfforms.internal.validation;x-internal:=true
-Import-Package: org.eclipse.core.resources
+Import-Package: org.apache.commons.lang;version="2.4.0",
+ org.eclipse.core.resources
Service-Component: OSGI-INF/*.xml
diff --git a/modeling/plugins/org.eclipse.pde.emfforms/src/org/eclipse/pde/emfforms/internal/validation/RichTooltipHyperlinkAdapter.java b/modeling/plugins/org.eclipse.pde.emfforms/src/org/eclipse/pde/emfforms/internal/validation/RichTooltipHyperlinkAdapter.java
index 0196eac..c6bcb6c 100644
--- a/modeling/plugins/org.eclipse.pde.emfforms/src/org/eclipse/pde/emfforms/internal/validation/RichTooltipHyperlinkAdapter.java
+++ b/modeling/plugins/org.eclipse.pde.emfforms/src/org/eclipse/pde/emfforms/internal/validation/RichTooltipHyperlinkAdapter.java
@@ -8,15 +8,16 @@
* Contributors:
* Anyware Technologies - initial API and implementation
*
- * $Id: RichTooltipHyperlinkAdapter.java,v 1.2 2009/09/13 21:28:29 bcabe Exp $
+ * $Id: RichTooltipHyperlinkAdapter.java,v 1.3 2009/10/23 16:14:22 bcabe Exp $
*/
package org.eclipse.pde.emfforms.internal.validation;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.*;
-import java.util.List;
import java.util.Map.Entry;
+import java.util.List;
+import org.apache.commons.lang.StringEscapeUtils;
import org.eclipse.jface.dialogs.IMessageProvider;
import org.eclipse.jface.layout.GridDataFactory;
import org.eclipse.jface.layout.GridLayoutFactory;
@@ -143,11 +144,9 @@
pw.print("\"> <a href=\"");
pw.print(message.hashCode() + "");
pw.print("\">");
- //FIXME prefix should be HTML escaped
if (message.getPrefix() != null)
- pw.print(message.getPrefix());
- //FIXME message should be HTML escaped
- pw.print(message.getMessage());
+ pw.print(StringEscapeUtils.escapeHtml(message.getPrefix()));
+ pw.print(StringEscapeUtils.escapeHtml(message.getMessage()));
pw.println("</a></li>");
}
}