You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@livy.apache.org by aj...@apache.org on 2020/08/15 00:26:03 UTC

[incubator-livy] branch master updated: Add html escape to session name

This is an automated email from the ASF dual-hosted git repository.

ajbozarth pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-livy.git


The following commit(s) were added to refs/heads/master by this push:
     new 4d8a912  Add html escape to session name
4d8a912 is described below

commit 4d8a912699683b973eee76d4e91447d769a0cb0d
Author: Marco Gaido <mg...@apache.org>
AuthorDate: Fri Aug 14 17:25:54 2020 -0700

    Add html escape to session name
    
    ## What changes were proposed in this pull request?
    
    The PR adds HTML escaping to session names.
    
    ## How was this patch tested?
    
    Manual test.
    
    Author: Marco Gaido <mg...@apache.org>
    
    Closes #302 from mgaido91/escape_html.
---
 .../org/apache/livy/server/ui/static/js/all-sessions.js        | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/server/src/main/resources/org/apache/livy/server/ui/static/js/all-sessions.js b/server/src/main/resources/org/apache/livy/server/ui/static/js/all-sessions.js
index 6e35702..d8a84a7 100644
--- a/server/src/main/resources/org/apache/livy/server/ui/static/js/all-sessions.js
+++ b/server/src/main/resources/org/apache/livy/server/ui/static/js/all-sessions.js
@@ -15,13 +15,17 @@
  * limitations under the License.
  */
 
+function escapeHtml(unescapedText) {
+  return $("<div>").text(unescapedText).html()
+}
+
 function loadSessionsTable(sessions) {
   $.each(sessions, function(index, session) {
     $("#interactive-sessions .sessions-table-body").append(
       "<tr>" +
         tdWrap(uiLink("session/" + session.id, session.id)) +
         tdWrap(appIdLink(session)) +
-        tdWrap(session.name) +
+        tdWrap(escapeHtml(session.name)) +
         tdWrap(session.owner) +
         tdWrap(session.proxyUser) +
         tdWrap(session.kind) +
@@ -38,7 +42,7 @@ function loadBatchesTable(sessions) {
       "<tr>" +
         tdWrap(session.id) +
         tdWrap(appIdLink(session)) +
-        tdWrap(session.name) +
+        tdWrap(escapeHtml(session.name)) +
         tdWrap(session.owner) +
         tdWrap(session.proxyUser) +
         tdWrap(session.state) +
@@ -79,4 +83,4 @@ $(document).ready(function () {
       $("#all-sessions").append('<h4>No Sessions or Batches have been created yet.</h4>');
     }
   });
-});
\ No newline at end of file
+});