You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2014/10/03 14:14:05 UTC

svn commit: r1629188 - in /manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main: java/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/ resources/org/apache/manifoldcf/authorities/authorities/alfrescowebsc...

Author: kwright
Date: Fri Oct  3 12:14:05 2014
New Revision: 1629188

URL: http://svn.apache.org/r1629188
Log:
Properly escape UI for authority

Modified:
    manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/ConfigurationHandler.java
    manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration.js
    manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration_Server.html
    manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/viewConfiguration.html

Modified: manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/ConfigurationHandler.java
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/ConfigurationHandler.java?rev=1629188&r1=1629187&r2=1629188&view=diff
==============================================================================
--- manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/ConfigurationHandler.java (original)
+++ manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/ConfigurationHandler.java Fri Oct  3 12:14:05 2014
@@ -60,15 +60,12 @@ public class ConfigurationHandler {
       IHTTPOutput out, Locale locale, ConfigParams parameters,
       List<String> tabsArray) throws ManifoldCFException, IOException {
     tabsArray.add("Server");
-    // KDW - This should be using Velocity templates!  See functionality provided by Messages class in almost every connector
-    InputStream inputStream = ConfigurationHandler.class.getResourceAsStream("/org/apache/manifoldcf/authorities/alfresco/" + EDIT_CONFIG_HEADER);
-    StringWriter writer = new StringWriter();
-    IOUtils.copy(inputStream, writer, "UTF-8");
-    inputStream.close();
-    out.print(writer.toString());
+    Map<String, Object> paramMap = new HashMap<String, Object>();
+    fillInParameters(paramMap, parameters);
+    Messages.outputResourceWithVelocity(out, locale, EDIT_CONFIG_HEADER, paramMap);
   }
 
-  private static void fillInParameters(Map<String, String> paramMap,
+  private static void fillInParameters(Map<String, Object> paramMap,
       ConfigParams parameters) {
     for (Map.Entry<String, String> parameter : DEFAULT_CONFIGURATION_PARAMETERS
         .entrySet()) {
@@ -83,14 +80,10 @@ public class ConfigurationHandler {
   public static void outputConfigurationBody(IThreadContext threadContext,
       IHTTPOutput out, Locale locale, ConfigParams parameters, String tabName)
       throws ManifoldCFException, IOException {
-    Map<String, String> paramMap = new HashMap<String, String>();
+    Map<String, Object> paramMap = new HashMap<String, Object>();
     paramMap.put("tabName", tabName);
     fillInParameters(paramMap, parameters);
-    VelocityEngine velocityEngine = Messages.createVelocityEngine(ConfigurationHandler.class);
-    VelocityContext context = createVelocityContext(paramMap);
-    StringWriter w = new StringWriter();
-    velocityEngine.mergeTemplate(EDIT_CONFIG_SERVER, "UTF-8", context, w);
-    out.print(w.toString());
+    Messages.outputResourceWithVelocity(out, locale, EDIT_CONFIG_SERVER, paramMap);
   }
 
   private static VelocityContext createVelocityContext(Map<String, String> paramMap) {
@@ -116,12 +109,8 @@ public class ConfigurationHandler {
   public static void viewConfiguration(IThreadContext threadContext,
       IHTTPOutput out, Locale locale, ConfigParams parameters)
       throws ManifoldCFException, IOException {
-    Map<String, String> paramMap = new HashMap<String, String>();
+    Map<String, Object> paramMap = new HashMap<String, Object>();
     fillInParameters(paramMap, parameters);
-    VelocityEngine velocityEngine = Messages.createVelocityEngine(ConfigurationHandler.class);
-    VelocityContext context = createVelocityContext(paramMap);
-    StringWriter w = new StringWriter();
-    velocityEngine.mergeTemplate(VIEW_CONFIG, "UTF-8", context, w);
-    out.print(w.toString());
+    Messages.outputResourceWithVelocity(out, locale, VIEW_CONFIG, paramMap);
   }
 }

Modified: manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration.js
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration.js?rev=1629188&r1=1629187&r2=1629188&view=diff
==============================================================================
--- manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration.js (original)
+++ manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration.js Fri Oct  3 12:14:05 2014
@@ -1,29 +1,29 @@
 <script type="text/javascript">
 <!--
 function checkConfig() {
-	return true;
+  return true;
 }
 
 function checkConfigForSave() {
-	if (editconnection.protocol.value == "") {
-		alert("Protocol must not be empty!");
-		SelectTab("Server");
-		editconnection.protocol.focus();
-		return false;
-	}
-	if (editconnection.hostname.value == "") {
-		alert("Hostname must not be empty!");
-		SelectTab("Server");
-		editconnection.hostname.focus();
-		return false;
-	}
-	if (editconnection.endpoint.value == "") {
-		alert("Endpoint must not be empty!");
-		SelectTab("Server");
-		editconnection.endpoint.focus();
-		return false;
-	}
-	return true;
+  if (editconnection.protocol.value == "") {
+    alert("Protocol must not be empty!");
+    SelectTab("Server");
+    editconnection.protocol.focus();
+    return false;
+  }
+  if (editconnection.hostname.value == "") {
+    alert("Hostname must not be empty!");
+    SelectTab("Server");
+    editconnection.hostname.focus();
+    return false;
+  }
+  if (editconnection.endpoint.value == "") {
+    alert("Endpoint must not be empty!");
+    SelectTab("Server");
+    editconnection.endpoint.focus();
+    return false;
+  }
+  return true;
 }
 // -->
 </script>

Modified: manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration_Server.html
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration_Server.html?rev=1629188&r1=1629187&r2=1629188&view=diff
==============================================================================
--- manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration_Server.html (original)
+++ manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/editConfiguration_Server.html Fri Oct  3 12:14:05 2014
@@ -1,50 +1,50 @@
 #if($tabName == "Server")
 <table class="displaytable">
-	<tr>
-		<td class="description">
-			<nobr>Protocol</nobr>
-		</td>
-		<td class="value">
-			<input name="protocol" type="text" size="32" value="$protocol" />
-		</td>
-	</tr>
-	<tr>
-		<td class="description">
-			<nobr>Hostname</nobr>
-		</td>
-		<td class="value">
-			<input name="hostname" type="text" size="32" value="$hostname"/>
-		</td>
-	</tr>
-	<tr>
-		<td class="description">
-			<nobr>Endpoint</nobr>
-		</td>
-		<td class="value">
-			<input name="endpoint" type="text" size="32" value="$endpoint" />
-		</td>
-	</tr>
-	<tr>
-		<td class="description">
-			<nobr>Username</nobr>
-		</td>
-		<td class="value">
-			<input name="username" type="text" size="32" value="$username"/>
-		</td>
-	</tr>
-	<tr>
-		<td class="description">
-			<nobr>Password</nobr>
-		</td>
-		<td class="value">
-			<input name="password" type="password" size="32" value="$password"/>
-		</td>
-	</tr>
+  <tr>
+    <td class="description">
+      <nobr>Protocol</nobr>
+    </td>
+    <td class="value">
+      <input name="protocol" type="text" size="32" value="$Encoder.attributeEscape($protocol)" />
+    </td>
+  </tr>
+  <tr>
+    <td class="description">
+      <nobr>Hostname</nobr>
+    </td>
+    <td class="value">
+      <input name="hostname" type="text" size="32" value="$Encoder.attributeEscape($hostname)"/>
+    </td>
+  </tr>
+  <tr>
+    <td class="description">
+      <nobr>Endpoint</nobr>
+    </td>
+    <td class="value">
+      <input name="endpoint" type="text" size="32" value="$Encoder.attributeEscape($endpoint)" />
+    </td>
+  </tr>
+  <tr>
+    <td class="description">
+      <nobr>Username</nobr>
+    </td>
+    <td class="value">
+      <input name="username" type="text" size="32" value="$Encoder.attributeEscape($username)"/>
+    </td>
+  </tr>
+  <tr>
+    <td class="description">
+      <nobr>Password</nobr>
+    </td>
+    <td class="value">
+      <input name="password" type="password" size="32" value="$Encoder.attributeEscape($password)"/>
+    </td>
+  </tr>
 </table>
 #else
-<input type="hidden" name="protocol" value="$protocol" />
-<input type="hidden" name="hostname" value="$hostname" />
-<input type="hidden" name="endpoint" value="$endpoint" />
-<input type="hidden" name="username" value="$username" />
-<input type="hidden" name="password" value="$password" />
+<input type="hidden" name="protocol" value="$Encoder.attributeEscape($protocol)" />
+<input type="hidden" name="hostname" value="$Encoder.attributeEscape($hostname)" />
+<input type="hidden" name="endpoint" value="$Encoder.attributeEscape($endpoint)" />
+<input type="hidden" name="username" value="$Encoder.attributeEscape($username)" />
+<input type="hidden" name="password" value="$Encoder.attributeEscape($password)" />
 #end

Modified: manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/viewConfiguration.html
URL: http://svn.apache.org/viewvc/manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/viewConfiguration.html?rev=1629188&r1=1629187&r2=1629188&view=diff
==============================================================================
--- manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/viewConfiguration.html (original)
+++ manifoldcf/branches/CONNECTORS-1037/connectors/alfresco-webscript/connector/src/main/resources/org/apache/manifoldcf/authorities/authorities/alfrescowebscript/viewConfiguration.html Fri Oct  3 12:14:05 2014
@@ -1,42 +1,42 @@
 <table class="displaytable">
-	<tr>
-		<td class="description" colspan="1">
-			<nobr>Protocol:</nobr>
-		</td>
-		<td class="value" colspan="3">
-			<nobr>$protocol</nobr><br/>
-		</td>
-	</tr>
-	<tr>
-		<td class="description" colspan="1">
-			<nobr>Hostname:</nobr>
-		</td>
-		<td class="value" colspan="3">
-			<nobr>$hostname</nobr><br/>
-		</td>
-	</tr>
-	<tr>
-		<td class="description" colspan="1">
-			<nobr>Endpoint:</nobr>
-		</td>
-		<td class="value" colspan="3">
-			<nobr>$endpoint</nobr><br/>
-		</td>
-	</tr>
-	<tr>
-		<td class="description" colspan="1">
-			<nobr>Username:</nobr>
-		</td>
-		<td class="value" colspan="3">
-			<nobr>$username</nobr><br/>
-		</td>
-	</tr>
-	<tr>
-		<td class="description" colspan="1">
-			<nobr>Password:</nobr>
-		</td>
-		<td class="value" colspan="3">
-			<nobr>********</nobr><br/>
-		</td>
-	</tr>
+  <tr>
+    <td class="description" colspan="1">
+      <nobr>Protocol:</nobr>
+    </td>
+    <td class="value" colspan="3">
+      <nobr>$Encoder.bodyEscape($protocol)</nobr><br/>
+    </td>
+  </tr>
+  <tr>
+    <td class="description" colspan="1">
+      <nobr>Hostname:</nobr>
+    </td>
+    <td class="value" colspan="3">
+      <nobr>$Encoder.bodyEscape($hostname)</nobr><br/>
+    </td>
+  </tr>
+  <tr>
+    <td class="description" colspan="1">
+      <nobr>Endpoint:</nobr>
+    </td>
+    <td class="value" colspan="3">
+      <nobr>$Encoder.bodyEscape($endpoint)</nobr><br/>
+    </td>
+  </tr>
+  <tr>
+    <td class="description" colspan="1">
+      <nobr>Username:</nobr>
+    </td>
+    <td class="value" colspan="3">
+      <nobr>$Encoder.bodyEscape($username)</nobr><br/>
+    </td>
+  </tr>
+  <tr>
+    <td class="description" colspan="1">
+      <nobr>Password:</nobr>
+    </td>
+    <td class="value" colspan="3">
+      <nobr>********</nobr><br/>
+    </td>
+  </tr>
 </table>