You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Dan Dumont <dd...@us.ibm.com> on 2012/04/26 22:13:12 UTC
Review Request: proxied-form-post: Write the response in a way that won't be
unintentionally un-escaped by browsers.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/
-----------------------------------------------------------
Review request for shindig.
Summary
-------
Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1329959
Diff: https://reviews.apache.org/r/4896/diff
Testing
-------
Tests still pass :)
Thanks,
Dan
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Stanton Sievers <si...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/#review7276
-----------------------------------------------------------
Ship it!
LGTM
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
<https://reviews.apache.org/r/4896/#comment16073>
My guess is that this import is unused. Please remove if that's the case.
- Stanton
On 2012-04-26 20:13:12, Dan Dumont wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/4896/
> -----------------------------------------------------------
>
> (Updated 2012-04-26 20:13:12)
>
>
> Review request for shindig.
>
>
> Summary
> -------
>
> Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1329959
>
> Diff: https://reviews.apache.org/r/4896/diff
>
>
> Testing
> -------
>
> Tests still pass :)
>
>
> Thanks,
>
> Dan
>
>
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Dan Dumont <dd...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/#review8307
-----------------------------------------------------------
Ship it!
Committed r1351048
- Dan Dumont
On June 17, 2012, 5:13 a.m., Dan Dumont wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/4896/
> -----------------------------------------------------------
>
> (Updated June 17, 2012, 5:13 a.m.)
>
>
> Review request for shindig.
>
>
> Description
> -------
>
> Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
>
>
> This addresses bug SHINDIG-1761.
> https://issues.apache.org/jira/browse/SHINDIG-1761
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1349992
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java 1349992
>
> Diff: https://reviews.apache.org/r/4896/diff/
>
>
> Testing
> -------
>
> Tests still pass :)
>
>
> Thanks,
>
> Dan Dumont
>
>
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Dan Dumont <dd...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/
-----------------------------------------------------------
(Updated June 17, 2012, 5:13 a.m.)
Review request for shindig.
Changes
-------
Update the patch with latest changes dealing with custom crufts
Description
-------
Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
This addresses bug SHINDIG-1761.
https://issues.apache.org/jira/browse/SHINDIG-1761
Diffs (updated)
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1349992
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java 1349992
Diff: https://reviews.apache.org/r/4896/diff/
Testing
-------
Tests still pass :)
Thanks,
Dan Dumont
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Ryan Baxter <rb...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/#review7310
-----------------------------------------------------------
Ship it!
LGTM
- Ryan
On 2012-04-27 16:24:50, Dan Dumont wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/4896/
> -----------------------------------------------------------
>
> (Updated 2012-04-27 16:24:50)
>
>
> Review request for shindig.
>
>
> Summary
> -------
>
> Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
>
>
> This addresses bug SHINDIG-1761.
> https://issues.apache.org/jira/browse/SHINDIG-1761
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1329959
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java 1329959
>
> Diff: https://reviews.apache.org/r/4896/diff
>
>
> Testing
> -------
>
> Tests still pass :)
>
>
> Thanks,
>
> Dan
>
>
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Dan Dumont <dd...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/
-----------------------------------------------------------
(Updated 2012-04-27 16:24:50.944369)
Review request for shindig.
Changes
-------
Removed unused import and added a test for the escaping stuff.
Summary
-------
Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
This addresses bug SHINDIG-1761.
https://issues.apache.org/jira/browse/SHINDIG-1761
Diffs (updated)
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1329959
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java 1329959
Diff: https://reviews.apache.org/r/4896/diff
Testing
-------
Tests still pass :)
Thanks,
Dan
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Dan Dumont <dd...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/
-----------------------------------------------------------
(Updated 2012-04-27 13:24:54.504330)
Review request for shindig.
Changes
-------
Adding JIRA
Summary
-------
Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
This addresses bug SHINDIG-1761.
https://issues.apache.org/jira/browse/SHINDIG-1761
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1329959
Diff: https://reviews.apache.org/r/4896/diff
Testing
-------
Tests still pass :)
Thanks,
Dan
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Ryan Baxter <rb...@gmail.com>.
> On 2012-04-26 21:15:47, Ryan Baxter wrote:
> > LGTM. Since our existing test cases didn't catch this can we add a test case for this?
>
> Dan Dumont wrote:
> A jsunit test case wouldn't have caught this I don't think... It would require a functional dom and iframe component to see the issue.
But you could write a junit test and verify we escape it properly so when it does get returned to the browser we don't run into the problem.
- Ryan
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/#review7281
-----------------------------------------------------------
On 2012-04-27 13:24:54, Dan Dumont wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/4896/
> -----------------------------------------------------------
>
> (Updated 2012-04-27 13:24:54)
>
>
> Review request for shindig.
>
>
> Summary
> -------
>
> Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
>
>
> This addresses bug SHINDIG-1761.
> https://issues.apache.org/jira/browse/SHINDIG-1761
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1329959
>
> Diff: https://reviews.apache.org/r/4896/diff
>
>
> Testing
> -------
>
> Tests still pass :)
>
>
> Thanks,
>
> Dan
>
>
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Dan Dumont <dd...@us.ibm.com>.
> On 2012-04-26 21:15:47, Ryan Baxter wrote:
> > LGTM. Since our existing test cases didn't catch this can we add a test case for this?
A jsunit test case wouldn't have caught this I don't think... It would require a functional dom and iframe component to see the issue.
- Dan
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/#review7281
-----------------------------------------------------------
On 2012-04-26 20:13:12, Dan Dumont wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/4896/
> -----------------------------------------------------------
>
> (Updated 2012-04-26 20:13:12)
>
>
> Review request for shindig.
>
>
> Summary
> -------
>
> Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1329959
>
> Diff: https://reviews.apache.org/r/4896/diff
>
>
> Testing
> -------
>
> Tests still pass :)
>
>
> Thanks,
>
> Dan
>
>
Re: Review Request: proxied-form-post: Write the response in a way that
won't be unintentionally un-escaped by browsers.
Posted by Ryan Baxter <rb...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/4896/#review7281
-----------------------------------------------------------
LGTM. Since our existing test cases didn't catch this can we add a test case for this?
- Ryan
On 2012-04-26 20:13:12, Dan Dumont wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/4896/
> -----------------------------------------------------------
>
> (Updated 2012-04-26 20:13:12)
>
>
> Review request for shindig.
>
>
> Summary
> -------
>
> Ran into an issue where the server response was being partially un-escaped by the browser if it had escaped html entities in it.
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java 1329959
>
> Diff: https://reviews.apache.org/r/4896/diff
>
>
> Testing
> -------
>
> Tests still pass :)
>
>
> Thanks,
>
> Dan
>
>