You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@deltacloud.apache.org by Michal Fojtik <mf...@redhat.com> on 2010/12/10 13:58:45 UTC
Re: [PATCH] Wrap error messages and details in CDATA
On 24/11/10 11:45 -0500, tcrawley@redhat.com wrote:
>From: Tobias Crawley <tc...@redhat.com>
>
>The xml parser used by nokogiri-java (xerces) is much more strict about
>unescaped entities, and causes nokogiri to ignore nodes containing them.
>Wrapping the content in CDATA blocks fixes this.
>
ACK. Code looks safe and I understand your motivation, XML can get corrupted
when Exception contains invalid characters.
-- Michal
>
>Note: this fix does not use the haml :cdata filter, since you cannot
>strip whitespace inside the filter.
>---
> .../lib/deltacloud/helpers/application_helper.rb | 4 ++--
> server/views/errors/auth_exception.xml.haml | 3 ++-
> .../errors/backend_capability_failure.xml.haml | 3 ++-
> server/views/errors/backend_error.xml.haml | 4 ++--
> server/views/errors/validation_failure.xml.haml | 5 +++--
> 5 files changed, 11 insertions(+), 8 deletions(-)
>
>diff --git a/server/lib/deltacloud/helpers/application_helper.rb b/server/lib/deltacloud/helpers/application_helper.rb
>index 00e8bc9..6830e5f 100644
>--- a/server/lib/deltacloud/helpers/application_helper.rb
>+++ b/server/lib/deltacloud/helpers/application_helper.rb
>@@ -121,8 +121,8 @@ module ApplicationHelper
> end
> end
>
>- def cdata(&block)
>- text = capture_haml(&block)
>+ def cdata(text = nil, &block)
>+ text ||= capture_haml(&block)
> "<![CDATA[#{text.strip}]]>"
> end
>
>diff --git a/server/views/errors/auth_exception.xml.haml b/server/views/errors/auth_exception.xml.haml
>index bee6492..bfa9111 100644
>--- a/server/views/errors/auth_exception.xml.haml
>+++ b/server/views/errors/auth_exception.xml.haml
>@@ -1,2 +1,3 @@
> %error{:url => "#{request.env['REQUEST_URI']}", :status => "#{response.status}"}
>- %message #{@error.message}
>+ %message< #{cdata @error.message}
>+
>diff --git a/server/views/errors/backend_capability_failure.xml.haml b/server/views/errors/backend_capability_failure.xml.haml
>index 83892fb..4302e4b 100644
>--- a/server/views/errors/backend_capability_failure.xml.haml
>+++ b/server/views/errors/backend_capability_failure.xml.haml
>@@ -1,4 +1,5 @@
> %error{:url => "#{request.env['REQUEST_URI']}", :status => "#{response.status}"}
> %capability #{@error.capability}
>- %message #{@error.message}
>+ %message< #{cdata @error.message}
>+
>
>diff --git a/server/views/errors/backend_error.xml.haml b/server/views/errors/backend_error.xml.haml
>index 75866eb..cb5d87f 100644
>--- a/server/views/errors/backend_error.xml.haml
>+++ b/server/views/errors/backend_error.xml.haml
>@@ -4,5 +4,5 @@
> %code= @error.code
> %cause= @error.cause
> - if @error.details
>- %details #{@error.details}
>- %message #{@error.message}
>+ %details< #{cdata @error.details.join("\n")}
>+ %message< #{cdata @error.message}
>diff --git a/server/views/errors/validation_failure.xml.haml b/server/views/errors/validation_failure.xml.haml
>index 24519ed..f18d6a2 100644
>--- a/server/views/errors/validation_failure.xml.haml
>+++ b/server/views/errors/validation_failure.xml.haml
>@@ -1,7 +1,8 @@
> %error{:url => "#{request.env['REQUEST_URI']}", :status => "#{response.status}"}
> %parameter #{@error.name}
>- %message #{@error.message}
>+ %message< #{cdata @error.message}
> - unless @error.param.options.empty?
> %valid_options
> - @error.param.options.each do |v|
>- %value #{v}
>+ %value< #{cdata v}
>+
>--
>1.7.3.2
>
--
--------------------------------------------------------
Michal Fojtik, mfojtik@redhat.com
Deltacloud API: http://deltacloud.org
--------------------------------------------------------