From f9060599aeab81cb9282ddf51cc057bf1353208f Mon Sep 17 00:00:00 2001
From: Micael Karlberg <bmk@erlang.org>
Date: Tue, 25 Oct 2011 12:34:56 +0200
Subject: The XSS prevention methods used was confused if the URL was encoded
 (hex-encoded). OTP-9655

---
 lib/inets/src/http_lib/http_util.erl | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'lib/inets/src/http_lib/http_util.erl')

diff --git a/lib/inets/src/http_lib/http_util.erl b/lib/inets/src/http_lib/http_util.erl
index be0602ff6e..5d8cb9365d 100644
--- a/lib/inets/src/http_lib/http_util.erl
+++ b/lib/inets/src/http_lib/http_util.erl
@@ -190,9 +190,8 @@ timeout(Timeout, Started) ->
     
 html_encode(Chars) ->
     Reserved = sets:from_list([$&, $<, $>, $\", $', $/]),
-    lists:append(lists:map(fun(Char) ->
-				   char_to_html_entity(Char, Reserved)
-			   end, Chars)).
+    lists:append([char_to_html_entity(Char, Reserved) || Char <- Chars]).
+
 
 
 %%%========================================================================
-- 
cgit v1.2.3