HTML formatting not possible for custom error messages

[GoogleCodeExporter]

What steps will reproduce the problem?
1. configure a custom error message for account activation 
(Error_ActivateUserNoQueryMatch) with <ul><li>option 1</li><li>option 
2</li></ul>
2. try the activation process for an account that's locked/already activated

What is the expected output? What do you see instead?
Error message accepts html tags and is properly formatted in the browser.

What version of PWM are you using?
1.6.4

What ldap directory and version are you using?
MS LDS

Please paste any error log messages below:
No errors in the log.

Original issue reported on code.google.com by mateusz....@gmail.com on 30 Oct 2012 at 3:41

[GoogleCodeExporter]

Added in revision 488.  There is now a constant to control this in 
PwmConstants.properties.  It's possible the default maybe disabled, but for now 
its enabled.  

Having HTML in error messages can be undesirable for two reasons: 
1) error messages need to be displayed in logs or other auditing systems
2) in some cases user-supplied data may be used in error messages meaning the 
HTML should be escaped or it could allow injection attacks.

Original comment by jrivard on 26 Nov 2012 at 1:34

• Changed state: Fixed
• Added labels: Type-Enhancement
• Removed labels: Type-Help

[GoogleCodeExporter]

2 thumbs up for a fast resolution!
Will merge the change on our DEV to check the results. Thanks again.

Original comment by mateusz....@gmail.com on 26 Nov 2012 at 8:31