From f9c661ef5d2a422f246b3a089bee06470ae1d431 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sun, 07 Sep 2014 12:04:12 -0400
Subject: [PATCH] Merged #164 "Sanitize page parameters for XSS vulerabilities"

---
 src/main/java/com/gitblit/wicket/pages/TicketsPage.java |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/pages/TicketsPage.java b/src/main/java/com/gitblit/wicket/pages/TicketsPage.java
index dfa7b02..658cdde 100644
--- a/src/main/java/com/gitblit/wicket/pages/TicketsPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/TicketsPage.java
@@ -536,7 +536,13 @@
 				item.add(entryPanel);
 
 				final TicketMilestone tm = item.getModelObject();
-				PageParameters params = queryParameters(null, tm.name, null, null, null, true, 1);
+				String [] states;
+				if (tm.isOpen()) {
+					states = TicketsUI.openStatii;
+				} else {
+					states = TicketsUI.closedStatii;
+				}
+				PageParameters params = queryParameters(null, tm.name, states, null, null, true, 1);
 				entryPanel.add(new LinkPanel("milestoneName", null, tm.name, TicketsPage.class, params).setRenderBodyOnly(true));
 
 				String css;

--
Gitblit v1.9.1