You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Lars George (JIRA)" <ji...@apache.org> on 2009/04/04 20:32:13 UTC
[jira] Commented: (HBASE-1299) JSPs don't HTML escape literals (ie:
table names, region names, start & end keys)
[ https://issues.apache.org/jira/browse/HBASE-1299?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12695774#action_12695774 ]
Lars George commented on HBASE-1299:
------------------------------------
I would have done this too while working on HBASE-1298 but I am not sure if there is nowadays an equivalent to the URLEncode class that does HTML codepoint conversions. Or maybe there is one somewhere already in the project in another library? Do you know?
If not this seems not to warrant adding for example Commons Lang:
http://commons.apache.org/lang/api-release/org/apache/commons/lang/StringEscapeUtils.html
We could simply add a local helper that does the encoding, but I would like to know first from the boss if that is advisable or what the general approach to this is. Please advise.
> JSPs don't HTML escape literals (ie: table names, region names, start & end keys)
> ---------------------------------------------------------------------------------
>
> Key: HBASE-1299
> URL: https://issues.apache.org/jira/browse/HBASE-1299
> Project: Hadoop HBase
> Issue Type: Bug
> Affects Versions: 0.19.0, 0.19.1
> Reporter: Hoss Man
>
> similar to HBASE-1298, the various JSPs included with HBase for monitoring the system don't seem to do any HTML escaping when displaying user entered data which may contain special characters: table names, region names, start Keys, or end Keys
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.