You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@spark.apache.org by sr...@apache.org on 2022/06/17 18:32:33 UTC
[spark] branch branch-3.2 updated: [SPARK-39505][UI] Escape log content rendered in UI
This is an automated email from the ASF dual-hosted git repository.
srowen pushed a commit to branch branch-3.2
in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/branch-3.2 by this push:
new 07edae97342 [SPARK-39505][UI] Escape log content rendered in UI
07edae97342 is described below
commit 07edae97342ae3095b370a3f780b61c94241e771
Author: Sean Owen <sr...@gmail.com>
AuthorDate: Fri Jun 17 09:36:49 2022 -0700
[SPARK-39505][UI] Escape log content rendered in UI
### What changes were proposed in this pull request?
Escape log content rendered to the UI.
### Why are the changes needed?
Log content may contain reserved characters or other code in the log and be misinterpreted in the UI as HTML.
### Does this PR introduce _any_ user-facing change?
No
### How was this patch tested?
Existing tests
Closes #36902 from srowen/LogViewEscape.
Authored-by: Sean Owen <sr...@gmail.com>
Signed-off-by: Dongjoon Hyun <do...@apache.org>
---
core/src/main/resources/org/apache/spark/ui/static/log-view.js | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/core/src/main/resources/org/apache/spark/ui/static/log-view.js b/core/src/main/resources/org/apache/spark/ui/static/log-view.js
index 2f416d8210e..92df087f4bd 100644
--- a/core/src/main/resources/org/apache/spark/ui/static/log-view.js
+++ b/core/src/main/resources/org/apache/spark/ui/static/log-view.js
@@ -85,7 +85,7 @@ function loadMore() {
if (retStartByte == 0) {
disableMoreButton();
}
- $("pre", ".log-content").prepend(cleanData);
+ $("pre", ".log-content").prepend(document.createTextNode(cleanData));
curLogLength = curLogLength + (startByte - retStartByte);
startByte = retStartByte;
@@ -115,7 +115,7 @@ function loadNew() {
var retLogLength = dataInfo[2];
var cleanData = data.substring(newlineIndex + 1);
- $("pre", ".log-content").append(cleanData);
+ $("pre", ".log-content").append(document.createTextNode(cleanData));
curLogLength = curLogLength + (retEndByte - retStartByte);
endByte = retEndByte;
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@spark.apache.org
For additional commands, e-mail: commits-help@spark.apache.org