projects / mono.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #5714 from alexischr/update_bockbuild
[mono.git] / mcs / class / referencesource / System.Web / Util / HttpEncoder.cs
diff --git a/mcs/class/referencesource/System.Web/Util/HttpEncoder.cs b/mcs/class/referencesource/System.Web/Util/HttpEncoder.cs
index 70362cfbc81ce87e4976ae9a0a581130df6ed2ca..6455f6db12fe3f9a9d92c8f251501a9198dff1b6 100644 (file)
--- a/mcs/class/referencesource/System.Web/Util/HttpEncoder.cs
+++ b/mcs/class/referencesource/System.Web/Util/HttpEncoder.cs
@@ -89,7 +89,7 @@ namespace System.Web.Util {
                 || c == '\'' // HTML-sensitive chars encoded for safety
                 || c == '<'
                 || c == '>'
-                || (c == '&' && JavaScriptEncodeAmpersand) // 
+                || (c == '&' && JavaScriptEncodeAmpersand) // Bug Dev11 #133237. Encode '&' to provide additional security for people who incorrectly call the encoding methods (unless turned off by backcompat switch)
                 || c == '\u0085' // newline chars (see Unicode 6.2, Table 5-1 [http://www.unicode.org/versions/Unicode6.2.0/ch05.pdf]) have to be encoded (DevDiv #663531)
                 || c == '\u2028'
                 || c == '\u2029';
my mono mirror. check out Moved to http://github.com/mono/mono