You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Nick Dimiduk (JIRA)" <ji...@apache.org> on 2012/12/01 01:45:58 UTC

[jira] [Updated] (HBASE-1299) JSPs don't HTML escape literals (ie: table names, region names, start & end keys)

     [ https://issues.apache.org/jira/browse/HBASE-1299?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Nick Dimiduk updated HBASE-1299:
--------------------------------

    Status: Patch Available  (was: Open)

This is a hacky kind of fix to the existing JSP pages. The proper solution should be the replacement of these pages with jamon templates, a la MasterStatus. Thoughts?
                
> JSPs don't HTML escape literals (ie: table names, region names, start & end keys)
> ---------------------------------------------------------------------------------
>
>                 Key: HBASE-1299
>                 URL: https://issues.apache.org/jira/browse/HBASE-1299
>             Project: HBase
>          Issue Type: Bug
>    Affects Versions: 0.19.1, 0.19.0
>            Reporter: Hoss Man
>         Attachments: 1299.patch
>
>
> similar to HBASE-1298, the various JSPs included with HBase for monitoring the system don't seem to do any HTML escaping when displaying user entered data which may contain special characters: table names, region names, start Keys, or end Keys

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira