I can't tell if this is spam.
To the author: The function you reference is part of a PHP codebase but the pages and functions you reference would seem to be written JSP, or at very least in other code that uses InitCaps() instead of underscore_names() for function names.
The value you reference is the URI requested by the user. Can you provide an example of an XSS attack, especially one that would affect a third party?