You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@continuum.apache.org by ct...@apache.org on 2011/04/15 05:48:16 UTC
svn commit: r1092578 - in /continuum/trunk: ./ continuum-webapp/
continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/component/
continuum-webapp/src/main/java/org/apache/maven/continuum/web/appareance/
Author: ctan
Date: Fri Apr 15 03:48:15 2011
New Revision: 1092578
URL: http://svn.apache.org/viewvc?rev=1092578&view=rev
Log:
[CONTINUUM-2620] use jsoup to clean footerhtmlcontent
Modified:
continuum/trunk/continuum-webapp/pom.xml
continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/component/AbstractFooterAction.java
continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/appareance/DefaultAppareanceConfiguration.java
continuum/trunk/pom.xml
Modified: continuum/trunk/continuum-webapp/pom.xml
URL: http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/pom.xml?rev=1092578&r1=1092577&r2=1092578&view=diff
==============================================================================
--- continuum/trunk/continuum-webapp/pom.xml (original)
+++ continuum/trunk/continuum-webapp/pom.xml Fri Apr 15 03:48:15 2011
@@ -655,6 +655,10 @@ under the License.
<artifactId>mail</artifactId>
<scope>provided</scope>
</dependency>
+ <dependency>
+ <groupId>org.jsoup</groupId>
+ <artifactId>jsoup</artifactId>
+ </dependency>
</dependencies>
<profiles>
<profile>
Modified: continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/component/AbstractFooterAction.java
URL: http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/component/AbstractFooterAction.java?rev=1092578&r1=1092577&r2=1092578&view=diff
==============================================================================
--- continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/component/AbstractFooterAction.java (original)
+++ continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/action/component/AbstractFooterAction.java Fri Apr 15 03:48:15 2011
@@ -18,6 +18,7 @@
*/
package org.apache.maven.continuum.web.action.component;
+import org.apache.commons.lang.StringEscapeUtils;
import org.apache.maven.continuum.web.action.ContinuumActionSupport;
import org.apache.maven.continuum.web.appareance.AppareanceConfiguration;
@@ -51,6 +52,4 @@ public abstract class AbstractFooterActi
{
this.footer = footer;
}
-
-
}
Modified: continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/appareance/DefaultAppareanceConfiguration.java
URL: http://svn.apache.org/viewvc/continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/appareance/DefaultAppareanceConfiguration.java?rev=1092578&r1=1092577&r2=1092578&view=diff
==============================================================================
--- continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/appareance/DefaultAppareanceConfiguration.java (original)
+++ continuum/trunk/continuum-webapp/src/main/java/org/apache/maven/continuum/web/appareance/DefaultAppareanceConfiguration.java Fri Apr 15 03:48:15 2011
@@ -31,6 +31,8 @@ import org.codehaus.plexus.personality.p
import org.codehaus.plexus.util.ReaderFactory;
import org.codehaus.plexus.util.StringUtils;
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
+import org.jsoup.Jsoup;
+import org.jsoup.safety.Whitelist;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -104,7 +106,9 @@ public class DefaultAppareanceConfigurat
public void saveFooter( String footerHtmlContent )
throws IOException
{
- continuumAppearance.setFooter( footerHtmlContent );
+ String safeFooterHtmlContent = Jsoup.clean( footerHtmlContent, Whitelist.basic() );
+
+ continuumAppearance.setFooter( safeFooterHtmlContent );
ContinuumAppearanceModelsXpp3Writer writer = new ContinuumAppearanceModelsXpp3Writer();
File confFile = getAppearanceConfigurationFile();
if ( !confFile.exists() )
@@ -114,7 +118,7 @@ public class DefaultAppareanceConfigurat
FileWriter fileWriter = new FileWriter( confFile );
writer.write( fileWriter, continuumAppearance );
fileWriter.close();
- this.footer = footerHtmlContent;
+ this.footer = safeFooterHtmlContent;
}
Modified: continuum/trunk/pom.xml
URL: http://svn.apache.org/viewvc/continuum/trunk/pom.xml?rev=1092578&r1=1092577&r2=1092578&view=diff
==============================================================================
--- continuum/trunk/pom.xml (original)
+++ continuum/trunk/pom.xml Fri Apr 15 03:48:15 2011
@@ -1620,6 +1620,11 @@ under the License.
<version>1.6.2</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.jsoup</groupId>
+ <artifactId>jsoup</artifactId>
+ <version>1.5.2</version>
+ </dependency>
</dependencies>
</dependencyManagement>