You are viewing a plain text version of this content. The canonical link for it is here.
Posted to mapreduce-commits@hadoop.apache.org by cd...@apache.org on 2010/03/04 04:10:37 UTC
svn commit: r918835 - in /hadoop/mapreduce/trunk: ./
src/java/org/apache/hadoop/mapred/ src/webapps/job/ src/webapps/task/
Author: cdouglas
Date: Thu Mar 4 03:10:37 2010
New Revision: 918835
URL: http://svn.apache.org/viewvc?rev=918835&view=rev
Log:
MAPREDUCE-1454. Quote user supplied strings in Tracker servlets.
Modified:
hadoop/mapreduce/trunk/CHANGES.txt
hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JSPUtil.java
hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/TaskLogServlet.java
hadoop/mapreduce/trunk/src/webapps/job/analysejobhistory.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobblacklistedtrackers.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobconf_history.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobdetails.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobdetailshistory.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobfailures.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobhistory.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobqueue_details.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobtasks.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobtaskshistory.jsp
hadoop/mapreduce/trunk/src/webapps/job/jobtracker.jsp
hadoop/mapreduce/trunk/src/webapps/job/queuetable.jsp
hadoop/mapreduce/trunk/src/webapps/job/taskdetails.jsp
hadoop/mapreduce/trunk/src/webapps/job/taskdetailshistory.jsp
hadoop/mapreduce/trunk/src/webapps/job/taskstats.jsp
hadoop/mapreduce/trunk/src/webapps/job/taskstatshistory.jsp
hadoop/mapreduce/trunk/src/webapps/task/tasktracker.jsp
Modified: hadoop/mapreduce/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/CHANGES.txt?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/CHANGES.txt (original)
+++ hadoop/mapreduce/trunk/CHANGES.txt Thu Mar 4 03:10:37 2010
@@ -198,6 +198,8 @@
MAPREDUCE-1423. Improve performance of CombineFileInputFormat when multiple
pools are configured. (Dhruba Borthakur via zshao)
+ MAPREDUCE-1454. Quote user supplied strings in Tracker servlets. (cdouglas)
+
OPTIMIZATIONS
MAPREDUCE-270. Fix the tasktracker to optionally send an out-of-band
Modified: hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JSPUtil.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JSPUtil.java?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JSPUtil.java (original)
+++ hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/JSPUtil.java Thu Mar 4 03:10:37 2010
@@ -36,6 +36,7 @@
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
+import org.apache.hadoop.http.HtmlQuoting;
import org.apache.hadoop.mapreduce.JobACL;
import org.apache.hadoop.mapreduce.jobhistory.JobHistoryParser;
import org.apache.hadoop.mapreduce.jobhistory.JobHistoryParser.JobInfo;
@@ -270,7 +271,7 @@
boolean isModifiable = label.equals("Running") &&
privateActionsAllowed(conf);
- StringBuffer sb = new StringBuffer();
+ StringBuilder sb = new StringBuilder();
sb.append("<table border=\"1\" cellpadding=\"5\" cellspacing=\"0\">\n");
@@ -324,9 +325,10 @@
int desiredReduces = job.desiredReduces();
int completedMaps = job.finishedMaps();
int completedReduces = job.finishedReduces();
- String name = profile.getJobName();
+ String name = HtmlQuoting.quoteHtmlChars(profile.getJobName());
String jobpri = job.getPriority().toString();
- String schedulingInfo = job.getStatus().getSchedulingInfo();
+ String schedulingInfo =
+ HtmlQuoting.quoteHtmlChars(job.getStatus().getSchedulingInfo());
if (isModifiable) {
sb.append("<tr><td><input TYPE=\"checkbox\" " +
@@ -341,7 +343,8 @@
+ "\"><a href=\"jobdetails.jsp?jobid=" + jobid + "&refresh="
+ refresh + "\">" + jobid + "</a></td>" + "<td id=\"priority_"
+ rowId + "\">" + jobpri + "</td>" + "<td id=\"user_" + rowId
- + "\">" + profile.getUser() + "</td>" + "<td id=\"name_" + rowId
+ + "\">" + HtmlQuoting.quoteHtmlChars(profile.getUser()) +
+ "</td>" + "<td id=\"name_" + rowId
+ "\">" + ("".equals(name) ? " " : name) + "</td>" + "<td>"
+ StringUtils.formatPercent(status.mapProgress(), 2)
+ ServletUtil.percentageGraph(status.mapProgress() * 100, 80)
@@ -369,7 +372,7 @@
public static String generateRetiredJobTable(JobTracker tracker, int rowId)
throws IOException {
- StringBuffer sb = new StringBuffer();
+ StringBuilder sb = new StringBuilder();
sb.append("<table border=\"1\" cellpadding=\"5\" cellspacing=\"0\">\n");
Iterator<JobStatus> iterator =
@@ -404,8 +407,8 @@
"<td id=\"priority_" + rowId + "\">" +
status.getJobPriority().toString() + "</td>" +
- "<td id=\"user_" + rowId + "\">" + status.getUsername() + "</td>" +
- "<td id=\"name_" + rowId + "\">" + status.getJobName() + "</td>" +
+ "<td id=\"user_" + rowId + "\">" + HtmlQuoting.quoteHtmlChars(status.getUsername()) + "</td>" +
+ "<td id=\"name_" + rowId + "\">" + HtmlQuoting.quoteHtmlChars(status.getJobName()) + "</td>" +
"<td>" + JobStatus.getJobRunState(status.getRunState()) + "</td>" +
"<td>" + new Date(status.getStartTime()) + "</td>" +
"<td>" + new Date(status.getFinishTime()) + "</td>" +
@@ -418,7 +421,7 @@
+ ServletUtil.percentageGraph(status.reduceProgress() * 100, 80) +
"</td>" +
- "<td>" + status.getSchedulingInfo() + "</td>" +
+ "<td>" + HtmlQuoting.quoteHtmlChars(status.getSchedulingInfo()) + "</td>" +
"</tr>\n");
rowId++;
Modified: hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/TaskLogServlet.java
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/TaskLogServlet.java?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/TaskLogServlet.java (original)
+++ hadoop/mapreduce/trunk/src/java/org/apache/hadoop/mapred/TaskLogServlet.java Thu Mar 4 03:10:37 2010
@@ -35,6 +35,7 @@
import org.apache.hadoop.security.AccessControlException;
import org.apache.hadoop.security.UserGroupInformation;
import org.apache.hadoop.security.authorize.AccessControlList;
+import org.apache.hadoop.http.HtmlQuoting;
import org.apache.hadoop.util.StringUtils;
/**
@@ -61,54 +62,6 @@
+ "/tasklog?attemptid=" + taskAttemptID);
}
- /**
- * Find the next quotable character in the given array.
- * @param data the bytes to look in
- * @param offset the first index to look in
- * @param end the index after the last one to look in
- * @return the index of the quotable character or end if none was found
- */
- private static int findFirstQuotable(byte[] data, int offset, int end) {
- while (offset < end) {
- switch (data[offset]) {
- case '<':
- case '>':
- case '&':
- return offset;
- default:
- offset += 1;
- }
- }
- return offset;
- }
-
- private static void quotedWrite(OutputStream out, byte[] data, int offset,
- int length) throws IOException {
- int end = offset + length;
- while (offset < end) {
- int next = findFirstQuotable(data, offset, end);
- out.write(data, offset, next - offset);
- offset = next;
- if (offset < end) {
- switch (data[offset]) {
- case '<':
- out.write("<".getBytes());
- break;
- case '>':
- out.write(">".getBytes());
- break;
- case '&':
- out.write("&".getBytes());
- break;
- default:
- out.write(data[offset]);
- break;
- }
- offset += 1;
- }
- }
- }
-
private void printTaskLog(HttpServletResponse response,
OutputStream out, TaskAttemptID taskId,
long start, long end, boolean plainText,
@@ -130,7 +83,7 @@
if (plainText) {
out.write(b, 0, result);
} else {
- quotedWrite(out, b, 0, result);
+ HtmlQuoting.quoteHtmlChars(out, b, 0, result);
}
} else {
break;
Modified: hadoop/mapreduce/trunk/src/webapps/job/analysejobhistory.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/analysejobhistory.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/analysejobhistory.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/analysejobhistory.jsp Thu Mar 4 03:10:37 2010
@@ -22,6 +22,7 @@
import="javax.servlet.http.*"
import="java.io.*"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.fs.*"
import="org.apache.hadoop.util.*"
@@ -36,7 +37,7 @@
%>
<html><body>
<%
- String jobid = request.getParameter("jobid");
+ String jobid = JobID.forName(request.getParameter("jobid")).toString();
String logFile = request.getParameter("logFile");
String numTasks = request.getParameter("numTasks");
int showTasks = 10 ;
@@ -47,8 +48,8 @@
JobHistoryParser.JobInfo job = JSPUtil.getJobInfo(request, fs);
%>
<h2>Hadoop Job <a href="jobdetailshistory.jsp?jobid=<%=jobid%>&&logFile=<%=logFile%>"><%=jobid %> </a></h2>
-<b>User : </b> <%=job.getUsername() %><br/>
-<b>JobName : </b> <%=job.getJobname() %><br/>
+<b>User : </b> <%=HtmlQuoting.quoteHtmlChars(job.getUsername()) %><br/>
+<b>JobName : </b> <%=HtmlQuoting.quoteHtmlChars(job.getJobname()) %><br/>
<b>JobConf : </b> <%=job.getJobConfPath() %><br/>
<b>Submitted At : </b> <%=StringUtils.getFormattedTimeWithDiff(dateFormat, job.getSubmitTime(), 0 ) %><br/>
<b>Launched At : </b> <%=StringUtils.getFormattedTimeWithDiff(dateFormat, job.getLaunchTime(), job.getSubmitTime()) %><br/>
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobblacklistedtrackers.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobblacklistedtrackers.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobblacklistedtrackers.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobblacklistedtrackers.jsp Thu Mar 4 03:10:37 2010
@@ -23,6 +23,7 @@
import="javax.servlet.http.*"
import="java.io.*"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.mapred.JSPUtil.JobWithViewAccessCheck"
import="org.apache.hadoop.util.*"
@@ -45,8 +46,8 @@
int maxErrorsPerTracker = job.getJobConf().getMaxTaskFailuresPerTracker();
for (Map.Entry<String,Integer> e : trackerErrors.entrySet()) {
if (e.getValue().intValue() >= maxErrorsPerTracker) {
- out.print("<tr><td>" + e.getKey() + "</td><td>" + e.getValue() +
- "</td></tr>\n");
+ out.print("<tr><td>" + HtmlQuoting.quoteHtmlChars(e.getKey()) +
+ "</td><td>" + e.getValue() + "</td></tr>\n");
}
}
out.print("</table>\n");
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobconf_history.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobconf_history.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobconf_history.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobconf_history.jsp Thu Mar 4 03:10:37 2010
@@ -22,7 +22,6 @@
import="javax.servlet.*"
import="javax.servlet.http.*"
import="java.io.*"
- import="java.net.URL"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.fs.*"
import="org.apache.hadoop.util.*"
@@ -34,7 +33,7 @@
<%
JobTracker tracker = (JobTracker) application.getAttribute("job.tracker");
- String jobId = request.getParameter("jobid");
+ String jobId = JobID.forName(request.getParameter("jobid")).toString();
if (jobId == null) {
out.println("<h2>Missing 'jobid' for fetching job configuration!</h2>");
return;
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobdetails.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobdetails.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobdetails.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobdetails.jsp Thu Mar 4 03:10:37 2010
@@ -25,6 +25,7 @@
import="java.text.*"
import="java.util.*"
import="java.text.DecimalFormat"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.mapred.JSPUtil.JobWithViewAccessCheck"
import="org.apache.hadoop.mapreduce.TaskType"
@@ -297,10 +298,12 @@
JobStatus status = job.getStatus();
int runState = status.getRunState();
int flakyTaskTrackers = job.getNoOfBlackListedTrackers();
- out.print("<b>User:</b> " + profile.getUser() + "<br>\n");
- out.print("<b>Job Name:</b> " + profile.getJobName() + "<br>\n");
- out.print("<b>Job File:</b> <a href=\"jobconf.jsp?jobid=" + jobId + "\">"
- + profile.getJobFile() + "</a><br>\n");
+ out.print("<b>User:</b> " +
+ HtmlQuoting.quoteHtmlChars(profile.getUser()) + "<br>\n");
+ out.print("<b>Job Name:</b> " +
+ HtmlQuoting.quoteHtmlChars(profile.getJobName()) + "<br>\n");
+ out.print("<b>Job File:</b> <a href=\"jobconf.jsp?jobid=" + jobId + "\">" +
+ profile.getJobFile() + "</a><br>\n");
if (tracker.isJobLevelAuthorizationEnabled()) {
// Display job-view-acls and job-modify-acls configured for this job
@@ -410,11 +413,12 @@
if (isFirst) {
isFirst = false;
%>
- <td rowspan="<%=totalGroup.size()%>"><%=totalGroup.getDisplayName()%></td>
+ <td rowspan="<%=totalGroup.size()%>">
+ <%=HtmlQuoting.quoteHtmlChars(totalGroup.getDisplayName())%></td>
<%
}
%>
- <td><%=name%></td>
+ <td><%=HtmlQuoting.quoteHtmlChars(name)%></td>
<td align="right"><%=mapValue%></td>
<td align="right"><%=reduceValue%></td>
<td align="right"><%=totalValue%></td>
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobdetailshistory.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobdetailshistory.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobdetailshistory.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobdetailshistory.jsp Thu Mar 4 03:10:37 2010
@@ -23,6 +23,7 @@
import="java.io.*"
import="java.util.*"
import="org.apache.hadoop.fs.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapreduce.TaskAttemptID"
import="org.apache.hadoop.mapreduce.TaskID"
import="org.apache.hadoop.mapreduce.Counter"
@@ -38,7 +39,7 @@
<%! static SimpleDateFormat dateFormat = new SimpleDateFormat("d-MMM-yyyy HH:mm:ss") ; %>
<%
- String jobid = request.getParameter("jobid");
+ String jobid = JobID.forName(request.getParameter("jobid")).toString();
String logFile = request.getParameter("logFile");
Path jobFile = new Path(logFile);
@@ -58,8 +59,8 @@
<h2>Hadoop Job <%=jobid %> on <a href="jobhistory.jsp">History Viewer</a></h2>
-<b>User: </b> <%=job.getUsername() %><br/>
-<b>JobName: </b> <%=job.getJobname() %><br/>
+<b>User: </b> <%=HtmlQuoting.quoteHtmlChars(job.getUsername()) %><br/>
+<b>JobName: </b> <%=HtmlQuoting.quoteHtmlChars(job.getJobname()) %><br/>
<b>JobConf: </b> <a href="jobconf_history.jsp?jobid=<%=jobid%>&jobLogDir=<%=new Path(logFile).getParent().toString()%>&jobUniqueString=<%=jobUniqueString%>">
<%=job.getJobConfPath() %></a><br/>
<b>Submitted At: </b> <%=StringUtils.getFormattedTimeWithDiff(dateFormat, job.getSubmitTime(), 0 ) %><br/>
@@ -173,11 +174,12 @@
if (isFirst) {
isFirst = false;
%>
- <td rowspan="<%=totalGroup.size()%>"><%=totalGroup.getDisplayName()%></td>
+ <td rowspan="<%=totalGroup.size()%>">
+ <%=HtmlQuoting.quoteHtmlChars(totalGroup.getDisplayName())%></td>
<%
}
%>
- <td><%=counter.getDisplayName()%></td>
+ <td><%=HtmlQuoting.quoteHtmlChars(counter.getDisplayName())%></td>
<td align="right"><%=mapValue%></td>
<td align="right"><%=reduceValue%></td>
<td align="right"><%=totalValue%></td>
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobfailures.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobfailures.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobfailures.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobfailures.jsp Thu Mar 4 03:10:37 2010
@@ -23,6 +23,7 @@
import="javax.servlet.http.*"
import="java.io.*"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.mapred.JSPUtil.JobWithViewAccessCheck"
import="org.apache.hadoop.mapreduce.TaskType"
@@ -68,7 +69,7 @@
out.print(" ");
} else {
for(int j = 0 ; j < failures.length ; j++){
- out.print(failures[j]);
+ out.print(HtmlQuoting.quoteHtmlChars(failures[j]));
if (j < (failures.length - 1)) {
out.print("\n-------\n");
}
@@ -120,7 +121,8 @@
includeMap = true;
includeReduce = true;
} else {
- out.print("<b>Kind " + kind + " not supported.</b><br>\n");
+ out.print("<b>Kind " + kind +
+ " not supported.</b><br>\n");
return;
}
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobhistory.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobhistory.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobhistory.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobhistory.jsp Thu Mar 4 03:10:37 2010
@@ -27,6 +27,7 @@
import="org.apache.hadoop.fs.*"
import="javax.servlet.jsp.*"
import="java.text.SimpleDateFormat"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.mapreduce.jobhistory.*"
%>
@@ -47,6 +48,7 @@
<head>
<script type="text/JavaScript">
<!--
+<% // assuming search is already quoted %>
function showUserHistory(search)
{
var url
@@ -80,13 +82,15 @@
final String jobid = (parts.length >= 2)
? parts[1].toLowerCase()
: "";
+ final String rawUser = HtmlQuoting.unquoteHtmlChars(user);
+ final String rawJobid = HtmlQuoting.unquoteHtmlChars(jobid);
PathFilter jobLogFileFilter = new PathFilter() {
private boolean matchUser(String fileName) {
// return true if
// - user is not specified
// - user matches
- return "".equals(user) || user.equals(fileName.split("_")[3]);
+ return "".equals(rawUser) || rawUser.equals(fileName.split("_")[3]);
}
private boolean matchJobId(String fileName) {
@@ -95,7 +99,7 @@
// - jobid matches
String[] jobDetails = fileName.split("_");
String actualId = jobDetails[0] + "_" +jobDetails[1] + "_" + jobDetails[2] ;
- return "".equals(jobid) || jobid.equalsIgnoreCase(actualId);
+ return "".equals(rawJobid) || jobid.equalsIgnoreCase(actualId);
}
public boolean accept(Path path) {
@@ -169,10 +173,10 @@
// display the number of jobs, start index, end index
out.println("(<i> <span class=\"small\">Displaying <b>" + length + "</b> jobs from <b>" + start + "</b> to <b>" + (start + length - 1) + "</b> out of <b>" + jobFiles.length + "</b> jobs");
if (!"".equals(user)) {
- out.println(" for user <b>" + user + "</b>"); // show the user if present
+ out.println(" for user <b>" + HtmlQuoting.quoteHtmlChars(user) + "</b>"); // show the user if present
}
if (!"".equals(jobid)) {
- out.println(" for jobid <b>" + jobid + "</b> in it."); // show the jobid keyword if present
+ out.println(" for jobid <b>" + HtmlQuoting.quoteHtmlChars(jobid) + "</b> in it."); // show the jobid keyword if present
}
out.print("</span></i>)");
@@ -263,8 +267,9 @@
throws IOException {
out.print("<tr>");
out.print("<td>" + "<a href=\"jobdetailshistory.jsp?jobid=" + jobId +
- "&logFile=" + URLEncoder.encode(logFile.toString(), "UTF-8") + "\">" + jobId + "</a></td>");
- out.print("<td>" + user + "</td>");
+ "&logFile=" + URLEncoder.encode(logFile.toString(), "UTF-8") +
+ "\">" + HtmlQuoting.quoteHtmlChars(jobId) + "</a></td>");
+ out.print("<td>" + HtmlQuoting.quoteHtmlChars(user) + "</td>");
out.print("</tr>");
}
@@ -277,7 +282,8 @@
// show previous link
if (pageno > 1) {
- out.println("<a href=\"jobhistory.jsp?pageno=" + (pageno - 1) + "&search=" + search + "\">Previous</a>");
+ out.println("<a href=\"jobhistory.jsp?pageno=" + (pageno - 1) +
+ "&search=" + search + "\">Previous</a>");
}
// display the numbered index 1 2 3 4
@@ -296,7 +302,8 @@
for (int i = firstPage; i <= lastPage; ++i) {
if (i != pageno) {// needs hyperlink
- out.println(" <a href=\"jobhistory.jsp?pageno=" + i + "&search=" + search + "\">" + i + "</a> ");
+ out.println(" <a href=\"jobhistory.jsp?pageno=" + i + "&search=" +
+ search + "\">" + i + "</a> ");
} else { // current page
out.println(i);
}
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobqueue_details.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobqueue_details.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobqueue_details.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobqueue_details.jsp Thu Mar 4 03:10:37 2010
@@ -21,6 +21,7 @@
import="javax.servlet.http.*"
import="java.util.Vector"
import="java.util.Collection"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.util.StringUtils"
import="org.apache.hadoop.util.ServletUtil"
@@ -30,8 +31,7 @@
JobTracker tracker = (JobTracker) application.getAttribute("job.tracker");
String trackerName = StringUtils.simpleHostname(tracker
.getJobTrackerMachine());
- String queueName = StringUtils.escapeHTML(request
- .getParameter("queueName"));
+ String queueName = request.getParameter("queueName");
TaskScheduler scheduler = tracker.getTaskScheduler();
JobQueueInfo schedInfo = tracker.getQueueInfo(queueName);
%>
@@ -54,7 +54,8 @@
<a href="jobtracker.jsp"><%=trackerName%></a>
</h1>
<div>
-Scheduling Information : <%=schedulingInfoString.replaceAll("\n", "<br/>")%>
+Scheduling Information :
+<%=HtmlQuoting.quoteHtmlChars(schedulingInfoString).replaceAll("\n", "<br/>")%>
</div>
<hr/>
<%
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobtasks.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobtasks.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobtasks.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobtasks.jsp Thu Mar 4 03:10:37 2010
@@ -23,6 +23,7 @@
import="javax.servlet.http.*"
import="java.io.*"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.mapred.JSPUtil.JobWithViewAccessCheck"
import="org.apache.hadoop.util.*"
@@ -124,14 +125,14 @@
report.getTaskID() + "\">" + report.getTaskID() + "</a></td>");
out.print("<td>" + StringUtils.formatPercent(report.getProgress(),2) +
ServletUtil.percentageGraph(report.getProgress() * 100f, 80) + "</td>");
- out.print("<td>" + report.getState() + "<br/></td>");
+ out.print("<td>" + HtmlQuoting.quoteHtmlChars(report.getState()) + "<br/></td>");
out.println("<td>" + StringUtils.getFormattedTimeWithDiff(dateFormat, report.getStartTime(),0) + "<br/></td>");
out.println("<td>" + StringUtils.getFormattedTimeWithDiff(dateFormat,
report.getFinishTime(), report.getStartTime()) + "<br/></td>");
String[] diagnostics = report.getDiagnostics();
out.print("<td><pre>");
for (int j = 0; j < diagnostics.length ; j++) {
- out.println(diagnostics[j]);
+ out.println(HtmlQuoting.quoteHtmlChars(diagnostics[j]));
}
out.println("</pre><br/></td>");
out.println("<td>" +
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobtaskshistory.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobtaskshistory.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobtaskshistory.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobtaskshistory.jsp Thu Mar 4 03:10:37 2010
@@ -22,6 +22,7 @@
import="javax.servlet.http.*"
import="java.io.*"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapreduce.TaskAttemptID"
import="org.apache.hadoop.mapreduce.TaskID"
import="org.apache.hadoop.mapred.*"
@@ -39,10 +40,10 @@
%>
<%
- String jobid = request.getParameter("jobid");
+ String jobid = JobID.forName(request.getParameter("jobid")).toString();
String logFile = request.getParameter("logFile");
- String taskStatus = request.getParameter("status");
- String taskType = request.getParameter("taskType");
+ String taskStatus = request.getParameter("status");
+ String taskType = request.getParameter("taskType");
FileSystem fs = (FileSystem) application.getAttribute("fileSys");
JobHistoryParser.JobInfo job = JSPUtil.getJobInfo(request, fs);
@@ -80,7 +81,7 @@
out.print("<td>" + StringUtils.getFormattedTimeWithDiff(dateFormat,
attempt.getFinishTime(),
attempt.getStartTime() ) + "</td>");
- out.print("<td>" + attempt.getError() + "</td>");
+ out.print("<td>"+ HtmlQuoting.quoteHtmlChars(attempt.getError()) +"</td>");
out.print("</tr>");
}
%>
Modified: hadoop/mapreduce/trunk/src/webapps/job/jobtracker.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/jobtracker.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/jobtracker.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/jobtracker.jsp Thu Mar 4 03:10:37 2010
@@ -24,6 +24,7 @@
import="java.io.*"
import="java.util.*"
import="java.text.DecimalFormat"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.mapreduce.*"
import="org.apache.hadoop.util.*"
@@ -113,7 +114,6 @@
<div id="quicklinks">
<a href="#quicklinks" onclick="toggle('quicklinks-list'); return false;">Quick Links</a>
<ul id="quicklinks-list">
- <li><a href="#scheduling_info">Scheduling Info</a></li>
<li><a href="#running_jobs">Running Jobs</a></li>
<li><a href="#retired_jobs">Retired Jobs</a></li>
<li><a href="#local_logs">Local Logs</a></li>
Modified: hadoop/mapreduce/trunk/src/webapps/job/queuetable.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/queuetable.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/queuetable.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/queuetable.jsp Thu Mar 4 03:10:37 2010
@@ -27,6 +27,7 @@
import="java.io.*"
import="java.util.*"
import="java.text.DecimalFormat"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.util.*"
import="org.apache.hadoop.util.ServletUtil"
@@ -62,7 +63,8 @@
<tr>
<td><a href="jobqueue_details.jsp?queueName=<%=queueName%>"><%=queueName%></a>
</td>
-<td><%=schedulingInformation.replaceAll("\n","<br/>") %>
+<td>
+<%=HtmlQuoting.quoteHtmlChars(schedulingInformation).replaceAll("\n","<br/>")%>
</td>
</tr>
<%
Modified: hadoop/mapreduce/trunk/src/webapps/job/taskdetails.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/taskdetails.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/taskdetails.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/taskdetails.jsp Thu Mar 4 03:10:37 2010
@@ -24,6 +24,7 @@
import="java.io.*"
import="java.lang.String"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.mapred.JSPUtil.JobWithViewAccessCheck"
import="org.apache.hadoop.util.*"
@@ -271,7 +272,7 @@
out.print(" ");
} else {
for(int j = 0 ; j < failures.length ; j++){
- out.print(failures[j]);
+ out.print(HtmlQuoting.quoteHtmlChars(failures[j]));
if (j < (failures.length - 1)) {
out.print("\n-------\n");
}
Modified: hadoop/mapreduce/trunk/src/webapps/job/taskdetailshistory.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/taskdetailshistory.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/taskdetailshistory.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/taskdetailshistory.jsp Thu Mar 4 03:10:37 2010
@@ -22,6 +22,7 @@
import="javax.servlet.http.*"
import="java.io.*"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.fs.*"
import="org.apache.hadoop.util.*"
@@ -38,7 +39,7 @@
%>
<%
- String jobid = request.getParameter("jobid");
+ String jobid = JobID.forName(request.getParameter("jobid")).toString();
String logFile = request.getParameter("logFile");
String taskid = request.getParameter("taskid");
FileSystem fs = (FileSystem) application.getAttribute("fileSys");
@@ -105,7 +106,8 @@
taskAttempt.getFinishTime(),
taskAttempt.getStartTime()) + "</td>");
out.print("<td>" + taskAttempt.getHostname() + "</td>");
- out.print("<td>" + taskAttempt.getError() + "</td>");
+ out.print("<td>" + HtmlQuoting.quoteHtmlChars(taskAttempt.getError()) +
+ "</td>");
// Print task log urls
out.print("<td>");
Modified: hadoop/mapreduce/trunk/src/webapps/job/taskstats.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/taskstats.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/taskstats.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/taskstats.jsp Thu Mar 4 03:10:37 2010
@@ -25,6 +25,7 @@
import="java.lang.String"
import="java.text.*"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.mapred.JSPUtil.JobWithViewAccessCheck"
import="org.apache.hadoop.util.*"
@@ -94,7 +95,8 @@
String displayGroupName = group.getDisplayName();
%>
<tr>
- <td colspan="3"><br/><b><%=displayGroupName%></b></td>
+ <td colspan="3"><br/><b>
+ <%=HtmlQuoting.quoteHtmlChars(displayGroupName)%></b></td>
</tr>
<%
for (Counters.Counter counter : group) {
@@ -103,7 +105,7 @@
%>
<tr>
<td width="50"></td>
- <td><%=displayCounterName%></td>
+ <td><%=HtmlQuoting.quoteHtmlChars(displayCounterName)%></td>
<td align="right"><%=decimal.format(value)%></td>
</tr>
<%
Modified: hadoop/mapreduce/trunk/src/webapps/job/taskstatshistory.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/job/taskstatshistory.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/job/taskstatshistory.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/job/taskstatshistory.jsp Thu Mar 4 03:10:37 2010
@@ -22,6 +22,7 @@
import="javax.servlet.http.*"
import="java.io.*"
import="java.util.*"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.fs.*"
import="org.apache.hadoop.util.*"
@@ -80,7 +81,8 @@
String displayGroupName = group.getDisplayName();
%>
<tr>
- <td colspan="3"><br/><b><%=displayGroupName%></b></td>
+ <td colspan="3"><br/><b>
+ <%=HtmlQuoting.quoteHtmlChars(displayGroupName)%></b></td>
</tr>
<%
Iterator<Counter> ctrItr = group.iterator();
@@ -91,7 +93,7 @@
%>
<tr>
<td width="50"></td>
- <td><%=displayCounterName%></td>
+ <td><%=HtmlQuoting.quoteHtmlChars(displayCounterName)%></td>
<td align="right"><%=decimal.format(value)%></td>
</tr>
<%
Modified: hadoop/mapreduce/trunk/src/webapps/task/tasktracker.jsp
URL: http://svn.apache.org/viewvc/hadoop/mapreduce/trunk/src/webapps/task/tasktracker.jsp?rev=918835&r1=918834&r2=918835&view=diff
==============================================================================
--- hadoop/mapreduce/trunk/src/webapps/task/tasktracker.jsp (original)
+++ hadoop/mapreduce/trunk/src/webapps/task/tasktracker.jsp Thu Mar 4 03:10:37 2010
@@ -24,6 +24,7 @@
import="java.io.*"
import="java.util.*"
import="java.text.DecimalFormat"
+ import="org.apache.hadoop.http.HtmlQuoting"
import="org.apache.hadoop.mapred.*"
import="org.apache.hadoop.util.*"
%>
@@ -61,7 +62,9 @@
out.print("</td><td>" + status.getRunState());
out.print("</td><td>" +
StringUtils.formatPercent(status.getProgress(), 2));
- out.print("</td><td><pre>" + status.getDiagnosticInfo() + "</pre></td>");
+ out.print("</td><td><pre>" +
+ HtmlQuoting.quoteHtmlChars(status.getDiagnosticInfo()) +
+ "</pre></td>");
out.print("</tr>\n");
}
%>
@@ -94,7 +97,9 @@
out.print("</td><td>" + status.getRunState());
out.print("</td><td>" +
StringUtils.formatPercent(status.getProgress(), 2));
- out.print("</td><td><pre>" + status.getDiagnosticInfo() + "</pre></td>");
+ out.print("</td><td><pre>" +
+ HtmlQuoting.quoteHtmlChars(status.getDiagnosticInfo()) +
+ "</pre></td>");
out.print("</tr>\n");
}
%>