2dc3af358b3062e1a5b3a4390c3790b8c06382c2,framework/service/src/org/ofbiz/service/ModelService.java,ModelService,validate,#Map#String#Locale#,488

Before Change


                    // the param is a String, allow-html is none or safe, and we are looking at an IN parameter during input parameter validation
                    String value = (String) context.get(modelParam.name);
                    if ("none".equals(modelParam.allowHtml)) {
                        StringUtil.checkStringForHtmlStrictNone(modelParam.name, value, errorMessageList);
                    } else if ("safe".equals(modelParam.allowHtml)) {
                        StringUtil.checkStringForHtmlSafeOnly(modelParam.name, value, errorMessageList);
                    }

After Change


                if (context.get(modelParam.name) != null && ("String".equals(modelParam.type) || "java.lang.String".equals(modelParam.type)) 
                        && !"any".equals(modelParam.allowHtml) && ("INOUT".equals(modelParam.mode) || "IN".equals(modelParam.mode))) {
                    String value = (String) context.get(modelParam.name);
                    StringUtil.checkStringForHtmlStrictNone(modelParam.name, value, errorMessageList);
                }
            }
            if (errorMessageList.size() > 0) {