You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@continuum.apache.org by ba...@apache.org on 2015/05/04 14:41:38 UTC

svn commit: r1677593 - in /continuum/trunk/continuum-webapp/src/main: java/org/apache/maven/continuum/web/view/commons/EscapeHtmlCell.java resources/extremecomponents.properties webapp/WEB-INF/jsp/buildResult.jsp

Author: batkinson
Date: Mon May  4 12:41:38 2015
New Revision: 1677593

URL: http://svn.apache.org/r1677593
Log:
[CONTINUUM-2763] Build result page does not escape commit messages for HTML

Added:
    continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/commons/EscapeHtmlCell.java
Modified:
    continuum/trunk/continuum-webapp/src/main/resources/extremecomponents.properties
    continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/buildResult.jsp

Added: continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/commons/EscapeHtmlCell.java
URL: http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/commons/EscapeHtmlCell.java?rev=1677593&view=auto
==============================================================================
--- continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/commons/EscapeHtmlCell.java (added)
+++ continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/view/commons/EscapeHtmlCell.java Mon May  4 12:41:38 2015
@@ -0,0 +1,38 @@
+package org.apache.maven.continuum.web.view.commons;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.commons.lang.StringEscapeUtils;
+import org.extremecomponents.table.bean.Column;
+import org.extremecomponents.table.cell.DisplayCell;
+import org.extremecomponents.table.core.TableModel;
+
+/**
+ * A cell renderer that escapes a column's contents for safe display within an HTML page.
+ */
+public class EscapeHtmlCell
+    extends DisplayCell
+{
+    @Override
+    protected String getCellValue( TableModel model, Column column )
+    {
+        return StringEscapeUtils.escapeHtml( super.getCellValue( model, column ) );
+    }
+}

Modified: continuum/trunk/continuum-webapp/src/main/resources/extremecomponents.properties
URL: http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/resources/extremecomponents.properties?rev=1677593&r1=1677592&r2=1677593&view=diff
==============================================================================
--- continuum/trunk/continuum-webapp/src/main/resources/extremecomponents.properties (original)
+++ continuum/trunk/continuum-webapp/src/main/resources/extremecomponents.properties Mon May  4 12:41:38 2015
@@ -19,6 +19,7 @@
 
 table.format_date=MMM dd, yyyy hh:mm:ss aaa z
 column.cell.date=org.apache.maven.continuum.web.view.commons.DateCell
+column.cell.escapeHtml=org.apache.maven.continuum.web.view.commons.EscapeHtmlCell
 
 table.border=1
 table.cellspacing=2

Modified: continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/buildResult.jsp
URL: http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/buildResult.jsp?rev=1677593&r1=1677592&r2=1677593&view=diff
==============================================================================
--- continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/buildResult.jsp (original)
+++ continuum/trunk/continuum-webapp/src/main/webapp/WEB-INF/jsp/buildResult.jsp Mon May  4 12:41:38 2015
@@ -200,7 +200,7 @@
               <ec:row>
                 <ec:column property="author" title="buildResult.scmResult.changes.author"/>
                 <ec:column property="date" title="buildResult.scmResult.changes.date" cell="date"/>
-                <ec:column property="comment" title="buildResult.scmResult.changes.comment" />
+                <ec:column property="comment" title="buildResult.scmResult.changes.comment" cell="escapeHtml" />
                 <ec:column property="files" title="buildResult.scmResult.changes.files">
                     <c:forEach var="scmFile" items="${pageScope.change.files}">
                         <c:out value="${scmFile.name}"/><br />