Posted to commits@sling.apache.org by bd...@apache.org on 2011/05/24 08:43:42 UTC

svn commit: r1126891 - in /sling/trunk: bundles/api/src/main/java/org/apache/sling/api/servlets/ bundles/engine/ bundles/engine/src/main/java/org/apache/sling/engine/impl/request/ launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/web...

Author: bdelacretaz
Date: Tue May 24 06:43:42 2011
New Revision: 1126891

URL: http://svn.apache.org/viewvc?rev=1126891&view=rev
Log:
SLING-2085 - RequestHistoryConsolePlugin should escape HTML text

Added:
    sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/issues/SLING2085Test.java   (with props)
Modified:
    sling/trunk/bundles/api/src/main/java/org/apache/sling/api/servlets/HtmlResponse.java
    sling/trunk/bundles/engine/pom.xml
    sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/request/RequestHistoryConsolePlugin.java

Modified: sling/trunk/bundles/api/src/main/java/org/apache/sling/api/servlets/HtmlResponse.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/api/src/main/java/org/apache/sling/api/servlets/HtmlResponse.java?rev=1126891&r1=1126890&r2=1126891&view=diff
==============================================================================
--- sling/trunk/bundles/api/src/main/java/org/apache/sling/api/servlets/HtmlResponse.java (original)
+++ sling/trunk/bundles/api/src/main/java/org/apache/sling/api/servlets/HtmlResponse.java Tue May 24 06:43:42 2011
@@ -476,7 +476,7 @@ public class HtmlResponse {
                         state = 0;
                         Object prop = properties.get(varBuffer.toString());
                         if (prop != null) {
-                            out.write(htmlEscape(prop.toString()));
+                            out.write(escapeHtmlText(prop.toString()));
                         }
                         varBuffer.setLength(0);
                     } else {
@@ -488,7 +488,7 @@ public class HtmlResponse {
         out.flush();
     }
     
-    static String htmlEscape(String str) {
+    public static String escapeHtmlText(String str) {
         if(str == null) {
             return null;
         }

Modified: sling/trunk/bundles/engine/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/pom.xml?rev=1126891&r1=1126890&r2=1126891&view=diff
==============================================================================
--- sling/trunk/bundles/engine/pom.xml (original)
+++ sling/trunk/bundles/engine/pom.xml Tue May 24 06:43:42 2011
@@ -97,7 +97,7 @@
         <dependency>
             <groupId>org.apache.sling</groupId>
             <artifactId>org.apache.sling.api</artifactId>
-            <version>2.1.0</version>
+            <version>2.2.1-SNAPSHOT</version>
             <scope>provided</scope>
         </dependency>
         <dependency>

Modified: sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/request/RequestHistoryConsolePlugin.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/request/RequestHistoryConsolePlugin.java?rev=1126891&r1=1126890&r2=1126891&view=diff
==============================================================================
--- sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/request/RequestHistoryConsolePlugin.java (original)
+++ sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/request/RequestHistoryConsolePlugin.java Tue May 24 06:43:42 2011
@@ -36,6 +36,7 @@ import javax.servlet.http.HttpServletRes
 import org.apache.sling.api.SlingHttpServletRequest;
 import org.apache.sling.api.request.RequestProgressTracker;
 import org.apache.sling.api.resource.ResourceUtil;
+import org.apache.sling.api.servlets.HtmlResponse;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.Constants;
 import org.osgi.framework.ServiceRegistration;
@@ -145,11 +146,11 @@ public class RequestHistoryConsolePlugin
                             currentRequestIndex);
                         final StringBuilder sb = new StringBuilder();
                         sb.append("<a href='" + LABEL + "?index="
-                            + info.getKey() + "'>");
+                            + HtmlResponse.escapeHtmlText(info.getKey()) + "'>");
                         if (isCurrent) {
                             sb.append("<b>");
                         }
-                        sb.append(info.getLabel());
+                        sb.append(HtmlResponse.escapeHtmlText(info.getLabel()));
                         if (isCurrent) {
                             sb.append("</b>");
                         }
@@ -226,7 +227,8 @@ public class RequestHistoryConsolePlugin
                 pw.println("<tr>");
                 pw.printf(
                     "<th class='ui-widget-header'>Request %s (%s %s) by %s - RequestProgressTracker Info</th>%n",
-                    key, info.getMethod(), info.getPathInfo(), info.getUser());
+                    key, HtmlResponse.escapeHtmlText(info.getMethod()), 
+                    HtmlResponse.escapeHtmlText(info.getPathInfo()), HtmlResponse.escapeHtmlText(info.getUser()));
                 pw.println("</tr>");
                 pw.println("</thead>");
 
@@ -237,7 +239,7 @@ public class RequestHistoryConsolePlugin
                 final Iterator<String> it = info.getTracker().getMessages();
                 pw.print("<pre>");
                 while (it.hasNext()) {
-                    pw.print(escape(it.next()));
+                    pw.print(HtmlResponse.escapeHtmlText(it.next()));
                 }
                 pw.println("</pre></td></tr>");
                 pw.println("</tbody></table>");
@@ -252,24 +254,6 @@ public class RequestHistoryConsolePlugin
                 resp.sendRedirect(req.getRequestURI());
             }
         }
-
-        private static String escape(String str) {
-            final StringBuilder sb = new StringBuilder();
-            for (int i = 0; i < str.length(); i++) {
-                final char c = str.charAt(i);
-                if (c == '<') {
-                    sb.append("&lt;");
-                } else if (c == '>') {
-                    sb.append("&gt;");
-                } else if (c == '&') {
-                    sb.append("&amp;");
-                } else {
-                    sb.append(c);
-                }
-            }
-            return sb.toString();
-        }
-
     }
 
     private static class RequestInfo {

Added: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/issues/SLING2085Test.java
URL: http://svn.apache.org/viewvc/sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/issues/SLING2085Test.java?rev=1126891&view=auto
==============================================================================
--- sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/issues/SLING2085Test.java (added)
+++ sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/issues/SLING2085Test.java Tue May 24 06:43:42 2011
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.launchpad.webapp.integrationtest.issues;
+
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.sling.commons.testing.integration.HttpTestBase;
+
+public class SLING2085Test extends HttpTestBase {
+    
+    public void testRecentRequestsEscape() throws Exception {
+        final String basePath = "/" + getClass().getSimpleName() + "/" + Math.random(); 
+        final String path = basePath + ".html/%22%3e%3cscript%3ealert(29679)%3c/script%3e";
+        
+        // POST to create node 
+        {
+            final PostMethod post = new PostMethod(HTTP_BASE_URL + path);
+            post.setFollowRedirects(false);
+            final int status = httpClient.executeMethod(post);
+            assertEquals(201, status);
+        }
+        
+        // And check that recent requests output does not contain <script>
+        {
+            final String content = getContent(HTTP_BASE_URL + "/system/console/requests?index=1", CONTENT_TYPE_HTML);
+            final String scriptTag = "<script>";
+            assertFalse("Content should not contain '" + scriptTag + "'", content.contains(scriptTag));
+        }
+    }
+}
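Review bot: The assertion `assertFalse(..., content.contains(scriptTag))` only proves that `<script>` is absent, which also passes if the POSTed request was never recorded or `index=1` points at a different entry; the test should additionally assert that the escaped form is present, `assertTrue("Content should contain escaped tag", content.contains("&lt;script&gt;"));`, so it verifies escaping rather than absence. The reliance on `index=1` being the request just made is presumably fragile when other tests hit the instance concurrently; if the console page lists the paths, locating the entry by `basePath` instead of by index would be more robust. `Math.random()` as the uniqueness source in `basePath` is a style point: a counter or `System.nanoTime()` reads more clearly than a double's string form in a path.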

Propchange: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/issues/SLING2085Test.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/launchpad/integration-tests/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/issues/SLING2085Test.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision Rev URL