From d72b7ca909a5cdd35028668285bf5762791ca069 Mon Sep 17 00:00:00 2001 From: pjoshi31 Date: Fri, 23 Feb 2024 11:13:36 +0530 Subject: [PATCH] Added Owasp Encoder --- surf/spring-surf/spring-surf/pom.xml | 5 +++++ .../extensions/surf/mvc/GeneratorController.java | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/surf/spring-surf/spring-surf/pom.xml b/surf/spring-surf/spring-surf/pom.xml index ccb4e66f..8a046969 100644 --- a/surf/spring-surf/spring-surf/pom.xml +++ b/surf/spring-surf/spring-surf/pom.xml @@ -94,5 +94,10 @@ maven-artifact 3.0.3 + + org.owasp.encoder + encoder + 1.2.3 + diff --git a/surf/spring-surf/spring-surf/src/main/java/org/springframework/extensions/surf/mvc/GeneratorController.java b/surf/spring-surf/spring-surf/src/main/java/org/springframework/extensions/surf/mvc/GeneratorController.java index 4f8e0224..d29005d4 100644 --- a/surf/spring-surf/spring-surf/src/main/java/org/springframework/extensions/surf/mvc/GeneratorController.java +++ b/surf/spring-surf/spring-surf/src/main/java/org/springframework/extensions/surf/mvc/GeneratorController.java @@ -32,6 +32,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.owasp.encoder.Encode; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.mvc.AbstractController; @@ -159,7 +160,7 @@ protected ModelAndView handleRequestInternal(HttpServletRequest request, HttpSer try { - response.getOutputStream().write(baos.toByteArray()); + response.getOutputStream().write(Encode.forJava(baos.toString()).getBytes()); } catch (IOException e) {
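Review bot: In the `handleRequestInternal` hunk, `Encode.forJava(...)` is the wrong encoder for an HTTP response body: it escapes for a Java string literal (backslash sequences for quotes, backslashes and control characters such as newlines), so it does not neutralise `<`, `>` or `&` for an HTML context and it alters legitimate output. `baos.toString()` and `getBytes()` also round-trip the bytes through the platform default charset, which corrupts any output that is not text in that charset. What is written into `baos` and the response content type are set outside this hunk, so the safer shape is presumably to keep `response.getOutputStream().write(baos.toByteArray());` and apply the encoder that matches the output context (for HTML, `Encode.forHtml(value)`) to each untrusted value at the point where it is placed into the output. If the whole body really must be handled as text, both conversions need an explicit charset that matches the response's character encoding, e.g. `baos.toString("UTF-8")` and `getBytes(StandardCharsets.UTF_8)`.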