You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by mc...@apache.org on 2020/05/04 18:50:34 UTC
[nifi] branch master updated: NIFI-7414: Escape user-defined values
that contain invalid XML characters before writing flow.xml.gz
This is an automated email from the ASF dual-hosted git repository.
mcgilman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/master by this push:
new 0448e23 NIFI-7414: Escape user-defined values that contain invalid XML characters before writing flow.xml.gz
0448e23 is described below
commit 0448e23a963a4f34f12cfa96e13d81675eb2b33b
Author: Mark Payne <ma...@hotmail.com>
AuthorDate: Thu Apr 30 13:22:45 2020 -0400
NIFI-7414: Escape user-defined values that contain invalid XML characters before writing flow.xml.gz
NIFI-7414: Updated StandardFlowSerializerTest to include testing for variable names and values being filtered
This closes #4244
---
.../controller/serialization/StandardFlowSerializer.java | 12 ++++++------
.../controller/serialization/StandardFlowSerializerTest.java | 12 ++++++++++++
2 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/StandardFlowSerializer.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/StandardFlowSerializer.java
index adedf3c..a9b203e 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/StandardFlowSerializer.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/main/java/org/apache/nifi/controller/serialization/StandardFlowSerializer.java
@@ -203,7 +203,7 @@ public class StandardFlowSerializer implements FlowSerializer<Document> {
private void addStringElement(final Element parentElement, final String elementName, final String value) {
final Element childElement = parentElement.getOwnerDocument().createElement(elementName);
- childElement.setTextContent(value);
+ childElement.setTextContent(CharacterFilterUtils.filterInvalidXmlCharacters(value));
parentElement.appendChild(childElement);
}
@@ -309,23 +309,23 @@ public class StandardFlowSerializer implements FlowSerializer<Document> {
private static void addVariable(final Element parentElement, final String variableName, final String variableValue) {
final Element variableElement = parentElement.getOwnerDocument().createElement("variable");
- variableElement.setAttribute("name", variableName);
- variableElement.setAttribute("value", variableValue);
+ variableElement.setAttribute("name", CharacterFilterUtils.filterInvalidXmlCharacters(variableName));
+ variableElement.setAttribute("value", CharacterFilterUtils.filterInvalidXmlCharacters(variableValue));
parentElement.appendChild(variableElement);
}
private static void addBundle(final Element parentElement, final BundleCoordinate coordinate) {
// group
final Element groupElement = parentElement.getOwnerDocument().createElement("group");
- groupElement.setTextContent(coordinate.getGroup());
+ groupElement.setTextContent(CharacterFilterUtils.filterInvalidXmlCharacters(coordinate.getGroup()));
// artifact
final Element artifactElement = parentElement.getOwnerDocument().createElement("artifact");
- artifactElement.setTextContent(coordinate.getId());
+ artifactElement.setTextContent(CharacterFilterUtils.filterInvalidXmlCharacters(coordinate.getId()));
// version
final Element versionElement = parentElement.getOwnerDocument().createElement("version");
- versionElement.setTextContent(coordinate.getVersion());
+ versionElement.setTextContent(CharacterFilterUtils.filterInvalidXmlCharacters(coordinate.getVersion()));
// bundle
final Element bundleElement = parentElement.getOwnerDocument().createElement("bundle");
diff --git a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/test/java/org/apache/nifi/controller/serialization/StandardFlowSerializerTest.java b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/test/java/org/apache/nifi/controller/serialization/StandardFlowSerializerTest.java
index 196e10e..eaa4e86 100644
--- a/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/test/java/org/apache/nifi/controller/serialization/StandardFlowSerializerTest.java
+++ b/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-framework-core/src/test/java/org/apache/nifi/controller/serialization/StandardFlowSerializerTest.java
@@ -58,6 +58,11 @@ public class StandardFlowSerializerTest {
= "<tagName> \"This\" is an ' example with many characters that need to be filtered and escaped \u0002 in it. \u007f \u0086 " + Character.MIN_SURROGATE;
private static final String SERIALIZED_COMMENTS
= "<tagName> \"This\" is an ' example with many characters that need to be filtered and escaped in it.  † ";
+ private static final String RAW_VARIABLE_NAME = "Name with \u0001 escape needed";
+ private static final String SERIALIZED_VARIABLE_NAME = "Name with escape needed";
+ private static final String RAW_VARIABLE_VALUE = "Value with \u0001 escape needed";
+ private static final String SERIALIZED_VARIABLE_VALUE = "Value with escape needed";
+
private volatile String propsFile = StandardFlowSerializerTest.class.getResource("/standardflowserializertest.nifi.properties").getFile();
private FlowController controller;
@@ -108,6 +113,8 @@ public class StandardFlowSerializerTest {
dummy.setComments(RAW_COMMENTS);
controller.getFlowManager().getRootGroup().addProcessor(dummy);
+ controller.getFlowManager().getRootGroup().setVariables(Collections.singletonMap(RAW_VARIABLE_NAME, RAW_VARIABLE_VALUE));
+
// serialize the controller
final ByteArrayOutputStream os = new ByteArrayOutputStream();
final Document doc = serializer.transform(controller, ScheduledStateLookup.IDENTITY_LOOKUP);
@@ -117,5 +124,10 @@ public class StandardFlowSerializerTest {
final String serializedFlow = os.toString(StandardCharsets.UTF_8.name());
assertTrue(serializedFlow.contains(SERIALIZED_COMMENTS));
assertFalse(serializedFlow.contains(RAW_COMMENTS));
+ assertTrue(serializedFlow.contains(SERIALIZED_VARIABLE_NAME));
+ assertFalse(serializedFlow.contains(RAW_VARIABLE_NAME));
+ assertTrue(serializedFlow.contains(SERIALIZED_VARIABLE_VALUE));
+ assertFalse(serializedFlow.contains(RAW_VARIABLE_VALUE));
+ assertFalse(serializedFlow.contains("\u0001"));
}
}