You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@storm.apache.org by pt...@apache.org on 2014/04/09 23:39:35 UTC

[2/4] git commit: Ensure that no evil chars can be put into the HTML via the the name of a component

Ensure that no evil chars can be put into the HTML via the the name of a component


Project: http://git-wip-us.apache.org/repos/asf/incubator-storm/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-storm/commit/df687cb7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-storm/tree/df687cb7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-storm/diff/df687cb7

Branch: refs/heads/master
Commit: df687cb71ba174e408a6cf68011053ff18b16f71
Parents: 813952a
Author: Niels Basjes <nb...@bol.com>
Authored: Mon Mar 24 22:06:32 2014 +0100
Committer: Niels Basjes <nb...@bol.com>
Committed: Mon Mar 24 22:06:32 2014 +0100

----------------------------------------------------------------------
 storm-core/src/clj/backtype/storm/ui/core.clj | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-storm/blob/df687cb7/storm-core/src/clj/backtype/storm/ui/core.clj
----------------------------------------------------------------------
diff --git a/storm-core/src/clj/backtype/storm/ui/core.clj b/storm-core/src/clj/backtype/storm/ui/core.clj
index 27e3b15..3b975c5 100644
--- a/storm-core/src/clj/backtype/storm/ui/core.clj
+++ b/storm-core/src/clj/backtype/storm/ui/core.clj
@@ -485,7 +485,7 @@
            :let [disp ((display-map k) k)]]
        [(link-to (if (= k window) {:class "red"} {})
                  (url-format "/topology/%s?window=%s" id k)
-                 disp)
+                 (escape-html disp))
         (get-in stats [:emitted k])
         (get-in stats [:transferred k])
         (float-str (get-in stats [:complete-latencies k]))
@@ -717,7 +717,7 @@
            :let [disp ((display-map k) k)]]
        [(link-to (if (= k window) {:class "red"} {})
                  (url-format "/topology/%s/component/%s?window=%s" topology-id id k)
-                 disp)
+                 (escape-html disp))
         (get-in stats [:emitted k])
         (get-in stats [:transferred k])
         (float-str (get-in stats [:complete-latencies k]))
@@ -935,7 +935,7 @@
            :let [disp ((display-map k) k)]]
        [(link-to (if (= k window) {:class "red"} {})
                  (url-format "/topology/%s/component/%s?window=%s" topology-id id k)
-                 disp)
+                 (escape-html disp))
         (get-in stats [:emitted k])
         (get-in stats [:transferred k])
         (float-str (get-in stats [:execute-latencies k]))