public void send() {
EventBus eventBus = EventBusFactory.getDefault().eventBus();
eventBus.publish(
CHANNEL,
new FacesMessage(
StringEscapeUtils.escapeHtml(summary), StringEscapeUtils.escapeHtml(detail)));
}
@SuppressWarnings({"unchecked"})
private void handleIssueRequest(
PersistenceManager pm, HttpServletRequest req, HttpServletResponse resp, String uri)
throws IOException {
if (req.getParameter("embed") == null) {
show404(resp);
return;
}
Pattern p = Pattern.compile("/issues/([^/?]+)");
Matcher m = p.matcher(uri);
if (!m.matches()) {
show404(resp);
return;
}
String hash = m.group(1);
Map<String, DbIssue> map = persistenceHelper.findIssues(pm, Lists.<String>newArrayList(hash));
DbIssue issue = map.get(hash);
if (issue == null) {
printHtmlPreface(resp);
resp.getWriter()
.println("<p>This issue has not been submitted to the " + getCloudName() + "</p>");
LOGGER.info("Not in cloud");
return;
}
List<DbEvaluation> list = Lists.newArrayList(sortAndFilterEvaluations(issue.getEvaluations()));
LOGGER.info("Issue " + issue.getPrimaryClass() + " - " + list.size() + " comments");
if (list.isEmpty()) {
printHtmlPreface(resp);
resp.getWriter().println("<p>No comments have been submitted for this issue</p>");
return;
}
Collections.reverse(list);
PrintWriter out = resp.getWriter();
printHtmlPreface(resp);
out.println("<table border=0 class=popup-evals cellspacing=15>");
for (DbEvaluation evaluation : list) {
out.println("<tr>");
out.println(
"<td>"
+ StringEscapeUtils.escapeHtml(evaluation.getEmail())
+ "<br><span class=timestamp>"
+ TIMESTAMP_FORMAT().format(new Date(evaluation.getWhen()))
+ " </span></td>");
out.println(
"<td><strong>"
+ StringEscapeUtils.escapeHtml(evaluation.getDesignation())
+ "</strong>"
+ " — "
+ StringEscapeUtils.escapeHtml(evaluation.getComment())
+ "</td>");
out.println("</tr>");
}
out.println("</table>");
}
private String encodeHLink(String uri_string, String name) throws URISyntaxException {
// System.out.println("linking: >>"+uri_string);
// URI uri = new URI(uri_string);
return ("<a href="
+ StringEscapeUtils.escapeHtml(uri_string)
+ ">"
+ StringEscapeUtils.escapeHtml(name)
+ "</a>");
}
protected void setTableAttributes(TableHandler tableHandler) {
Table table = tableHandler.getTable();
setAttribute("currentpage", table.getCurrentPage());
setAttribute("rowcount", table.getRowCount());
setAttribute("maxrowspage", table.getMaxRowsPerPage());
setAttribute("headerposition", table.getHeaderPosition());
setAttribute(
"htmlstyleedit",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getHtmlStyle())));
setAttribute(
"rowevenstyleedit",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowEvenStyle())));
setAttribute(
"rowoddstyleedit",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowOddStyle())));
setAttribute(
"rowhoverstyleedit",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowHoverStyle())));
setAttribute(
"htmlclass", StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getHtmlClass())));
setAttribute(
"rowevenclass",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowEventClass())));
setAttribute(
"rowoddclass",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowOddClass())));
setAttribute(
"rowhoverclass",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowHoverClass())));
setAttribute("htmlstyleview", table.getHtmlStyle());
}
/**
* Build the HTML anchor link to a topic page for a given WikLink object.
*
* @param context The servlet context for the link that is being created.
* @param virtualWiki The virtual wiki for the link that is being created.
* @param wikiLink The WikiLink object containing all relevant information about the link being
* generated.
* @param text The text to display as the link content.
* @param style The CSS class to use with the anchor HTML tag. This value can be <code>null</code>
* or empty if no custom style is used.
* @param target The anchor link target, or <code>null</code> or empty if no target is needed.
* @param escapeHtml Set to <code>true</code> if the link caption should be HTML escaped. This
* value should be <code>true</code> in any case where the caption is not guaranteed to be
* free from potentially malicious HTML code.
* @return An HTML anchor link that matches the given input parameters.
* @throws DataAccessException Thrown if any error occurs while retrieving topic information.
*/
public static String buildInternalLinkHtml(
String context,
String virtualWiki,
WikiLink wikiLink,
String text,
String style,
String target,
boolean escapeHtml)
throws DataAccessException {
String url = LinkUtil.buildTopicUrl(context, virtualWiki, wikiLink);
String topic = wikiLink.getDestination();
if (StringUtils.isBlank(text)) {
text = topic;
}
if (!StringUtils.isBlank(topic) && StringUtils.isBlank(style)) {
if (!StringUtils.isEmpty(virtualWiki) && InterWikiHandler.isInterWiki(virtualWiki)) {
style = "interwiki";
} else if (!LinkUtil.isExistingArticle(virtualWiki, topic)) {
style = "edit";
}
}
if (!StringUtils.isBlank(style)) {
style = " class=\"" + style + "\"";
} else {
style = "";
}
if (!StringUtils.isBlank(target)) {
target = " target=\"" + target + "\"";
} else {
target = "";
}
if (StringUtils.isBlank(topic) && !StringUtils.isBlank(wikiLink.getSection())) {
topic = wikiLink.getSection();
}
StringBuffer html = new StringBuffer();
html.append("<a href=\"").append(url).append('\"').append(style);
html.append(" title=\"")
.append(StringEscapeUtils.escapeHtml(topic))
.append('\"')
.append(target)
.append('>');
if (escapeHtml) {
html.append(StringEscapeUtils.escapeHtml(text));
} else {
html.append(text);
}
html.append("</a>");
return html.toString();
}
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String param = "";
java.util.Enumeration<String> names = request.getParameterNames();
if (names.hasMoreElements()) {
param = names.nextElement(); // just grab first element
}
String bar = org.apache.commons.lang.StringEscapeUtils.escapeHtml(param);
String sql = "{call verifyUserPassword('foo','" + bar + "')}";
try {
java.sql.Connection connection =
org.owasp.benchmark.helpers.DatabaseHelper.getSqlConnection();
java.sql.CallableStatement statement =
connection.prepareCall(
sql,
java.sql.ResultSet.TYPE_FORWARD_ONLY,
java.sql.ResultSet.CONCUR_READ_ONLY,
java.sql.ResultSet.CLOSE_CURSORS_AT_COMMIT);
statement.execute();
} catch (java.sql.SQLException e) {
throw new ServletException(e);
}
}
public void appendText(
String text, boolean escapeHtml, boolean bold, boolean italic, String color) {
if (bold) {
textBuilder.append("<b>");
}
if (italic) {
textBuilder.append("<i>");
}
if (color != null) {
textBuilder.append("<font color=\"" + color + "\">");
}
if (escapeHtml) {
text = StringEscapeUtils.escapeHtml(text);
}
textBuilder.append(text);
if (color != null) {
textBuilder.append("</font>");
}
if (italic) {
textBuilder.append("</i>");
}
if (bold) {
textBuilder.append("</b>");
}
}
public String toHTML(String template) {
String templateText = "";
File templateFile = new File(Consts.TEMPLATESPATH + "/" + template + ".tpl");
try {
templateText = new String(Files.readAllBytes(templateFile.toPath()), StandardCharsets.UTF_8);
Class<?> c = this.getClass();
Field[] fields = c.getDeclaredFields();
// TODO:setSpec
for (Field field : fields) {
String replaceStr = StringEscapeUtils.escapeHtml(field.get(this).toString());
templateText =
templateText.replaceAll(
"\\{\\$" + field.getName() + "\\}", Matcher.quoteReplacement(replaceStr));
}
} catch (IllegalAccessException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return templateText;
}
/**
* 构造一个在页面加载完成自动提交的表单,可用于post表单数据(请求支付)等等。
*
* @param params 提交参数
* @param actionUrl form action url
* @param charset mete content charset
*/
public static String createAutoSubmitForm(
Map<String, String> params, String actionUrl, String charset) {
StringBuffer sb = new StringBuffer();
sb.append("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">");
sb.append("<html>");
sb.append("<head>");
sb.append("<title>跳转......</title>");
sb.append("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=" + charset + "\">");
sb.append("</head>");
sb.append("<body>");
sb.append(
"<form action=\"" + actionUrl + "\" method=\"post\" id=\"frm1\" style=\"display:none;\">");
for (String key : params.keySet()) {
sb.append(
"<input type=\"hidden\" name=\""
+ key
+ "\" value=\""
+ StringEscapeUtils.escapeHtml(params.get(key))
+ "\">");
}
sb.append("</form>");
sb.append(
"<script type=\"text/javascript\">document.getElementById(\"frm1\").submit()</script>");
sb.append("</body>");
return sb.toString();
}
public String getSelectedStudentGrades() {
if (currentGradebook == null) {
return "<p>" + msgs.getString("no_gradebook_selected") + "</p>";
}
if (currentGradebook.getUsernames() == null || currentGradebook.getUsernames().isEmpty()) {
return "<p>"
+ msgs.getFormattedMessage(
"no_grades_in_gradebook",
new Object[] {StringEscapeUtils.escapeHtml(currentGradebook.getTitle())})
+ "</p>";
}
if (selectedStudent == null || selectedStudent.equals("")) {
return msgs.getString("select_participant");
}
StudentGrades selStudent =
gradebookManager.getStudentByGBAndUsername(currentGradebook, selectedStudent);
if (selStudent != null) {
selStudent.setGradebook(currentGradebook);
return selStudent.formatGrades();
}
return msgs.getString("select_participant");
}
@Override
public void render(
final StringOutput sb,
final Renderer renderer,
final Object val,
final Locale locale,
final int alignment,
final String action) {
if (renderer == null) {
// render for export
String value = getCellValue(val);
if (!StringHelper.containsNonWhitespace(value)) {
value = getHoverText(val);
}
sb.append(value);
} else {
sb.append("<i class='").append(getCssClass(val)).append("'> </i> <span");
String hoverText = getHoverText(val);
if (StringHelper.containsNonWhitespace(hoverText)) {
sb.append(" title=\"");
sb.append(StringEscapeUtils.escapeHtml(hoverText));
}
sb.append("\">");
sb.append(getCellValue(val));
sb.append("</span>");
}
}
@Override
public String getInclude(String url) {
StringBuffer buf = new StringBuffer();
buf.append("<esi:include src=\"");
buf.append(StringEscapeUtils.escapeHtml(url));
buf.append("\"/>");
return buf.toString();
}
public static String escapeScriptTag(final String s) {
if (StringUtils.isEmpty(s)) {
return s;
} else {
String escapedLabel = s.toLowerCase();
if (!(escapedLabel.matches(".*<.*script.*>.*")
|| escapedLabel.matches(
".*javascript\\s*:.*"))) // only truly script if in <> or with :, overly strict for
// nows
{
return unescapeHtmlWithExceptions(StringEscapeUtils.escapeHtml(s));
} else {
escapedLabel =
StringUtils.replace(escapedLabel, "script", "POSSIBLE INLINE JAVASCRIPT REMOVED");
return unescapeHtmlWithExceptions(StringEscapeUtils.escapeHtml(escapedLabel));
}
}
}
/**
* Get command-label map for a Selection widget
*
* @return String representing JSON object
*/
private String getMappingsJSON(Selection w) {
JsonObject resultObject = new JsonObject();
for (Mapping mapping : w.getMappings()) {
resultObject.addProperty(mapping.getCmd(), mapping.getLabel());
}
String result = resultObject.toString();
result = StringEscapeUtils.escapeHtml(result);
return result;
}
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
java.util.Map<String, String[]> map = request.getParameterMap();
String param = "";
if (!map.isEmpty()) {
String[] values = map.get("vector");
if (values != null) param = values[0];
}
String bar = org.apache.commons.lang.StringEscapeUtils.escapeHtml(param);
double value = java.lang.Math.random();
String rememberMeKey = Double.toString(value).substring(2); // Trim off the 0. at the front.
String user = "******";
String fullClassName = this.getClass().getName();
String testCaseNumber =
fullClassName.substring(fullClassName.lastIndexOf('.') + 1 + "BenchmarkTest".length());
user += testCaseNumber;
String cookieName = "rememberMe" + testCaseNumber;
boolean foundUser = false;
javax.servlet.http.Cookie[] cookies = request.getCookies();
for (int i = 0; cookies != null && ++i < cookies.length && !foundUser; ) {
javax.servlet.http.Cookie cookie = cookies[i];
if (cookieName.equals(cookie.getName())) {
if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
foundUser = true;
}
}
}
if (foundUser) {
response.getWriter().println("Welcome back: " + user + "<br/>");
} else {
javax.servlet.http.Cookie rememberMe =
new javax.servlet.http.Cookie(cookieName, rememberMeKey);
rememberMe.setSecure(true);
request.getSession().setAttribute(cookieName, rememberMeKey);
response.addCookie(rememberMe);
response
.getWriter()
.println(
user
+ " has been remembered with cookie: "
+ rememberMe.getName()
+ " whose value is: "
+ rememberMe.getValue()
+ "<br/>");
}
response.getWriter().println("Weak Randomness Test java.lang.Math.random() executed");
}
private void buildStepTagRows(final StringBuilder buf, final Collection<StepDescriptor> infos) {
for (final StepDescriptor info : infos) {
log.debug(
"info non escaped: "
+ info.getExpression()
+ "\n\tescaped:\n"
+ StringEscapeUtils.escapeHtml(info.getExpression()));
buf.append(
String.format(
TABLE_ROW_FORMAT,
StringEscapeUtils.escapeHtml(info.getExpression()),
info.getExample().replaceAll("\n", " "),
StringEscapeUtils.escapeHtml(info.getDescription()).replaceAll("\n", " ")))
.append("\n");
}
}
public static String escapeHtml(String string) {
return string == null
? null
: StringUtils.replaceAll(
StringEscapeUtils.escapeHtml(string),
"\\x22",
""", // double quote
"\\x27",
"'"); // single quote
}
private void nodeFilter(Node node) {
LinkedList<Node> currentChildNode = node.getChildNodes();
if (node.getParentNode() != null) {
if (!node.getContent().equals("")) {
node.setContent(StringEscapeUtils.escapeHtml(node.getContent()));
}
}
for (int i = 0; i < currentChildNode.size(); i++) {
nodeFilter(currentChildNode.get(i));
}
}
/**
* some old testing
*
* @param args
*/
public static void main(String[] args) {
System.out.println("hello");
// log.debug(linePrepend("asdfsdf. bla and. \n2.line\n3.third",">"));
// log.debug(escape("bla<>and so on &&\nsecond line").toString());
System.out.println(":" + StringEscapeUtils.escapeHtml("abcdef&<>") + ":");
System.out.println(":" + StringEscapeUtils.escapeHtml("Ā<ba>abcdef&<>") + ":");
System.out.println(":" + StringEscapeUtils.escapeHtml("Ā\n<ba>\nabcdef&<>") + ":");
System.out.println(":" + Formatter.truncate("abcdef", 0) + ":");
System.out.println(":" + Formatter.truncate("abcdef", 2) + ":");
System.out.println(":" + Formatter.truncate("abcdef", 4) + ":");
System.out.println(":" + Formatter.truncate("abcdef", 6) + ":");
System.out.println(":" + Formatter.truncate("abcdef", 7) + ":");
System.out.println(":" + Formatter.truncate("abcdef", 8) + ":");
System.out.println(":" + Formatter.truncate("abcdef", -2) + ":");
System.out.println(":" + Formatter.truncate("abcdef", -4) + ":");
System.out.println(":" + Formatter.truncate("abcdef", -6) + ":");
System.out.println(":" + Formatter.truncate("abcdef", -7) + ":");
System.out.println(":" + Formatter.truncate("abcdef", -8) + ":");
Locale loc = new Locale("de");
Formatter f2 = new Formatter(loc);
Date d = new Date();
Calendar cal = Calendar.getInstance(loc);
cal.setTime(d);
cal.add(Calendar.HOUR_OF_DAY, 7);
// so ists 16:36 nachmittags
d = cal.getTime();
System.out.println(f2.formatDate(d));
System.out.println(f2.formatTime(d));
System.out.println(f2.formatDateAndTime(d));
System.out.println("Now make String filesystem save");
// String ugly = "\"/asdf/?._||\"blaöäü";
String ugly = "guido/\\:? .|*\"\"<><guidoöäü";
System.out.println("input: " + ugly);
System.out.println("output: " + Formatter.makeStringFilesystemSave(ugly));
}
@SuppressWarnings("unchecked")
private void jsonToHTML(JSON json, StringBuilder sb) {
if (json == null || json.isEmpty()) {
return;
}
if (json.isArray()) {
Object[] oa = ((JSONArray) json).toArray();
sb.append("<table border=\"1\">\n");
for (Object o : oa) {
sb.append("<tr><td>\n");
if (o instanceof JSON) {
jsonToHTML((JSON) o, sb);
} else {
sb.append(o);
}
sb.append("</td></tr>\n");
}
sb.append("</table>\n");
} else if (json instanceof JSONObject) {
JSONObject jo = (JSONObject) json;
Set<?> set = jo.entrySet();
Iterator<Map.Entry<?, ?>> itor = (Iterator<Entry<?, ?>>) set.iterator();
sb.append("<table border=\"1\">\n");
while (itor.hasNext()) {
Map.Entry<?, ?> me = itor.next();
sb.append("<tr><td>\n");
sb.append(StringEscapeUtils.escapeHtml(me.getKey().toString()));
sb.append("</td>\n");
sb.append("<td>\n");
if (me.getValue() instanceof JSON) {
jsonToHTML((JSON) me.getValue(), sb);
} else {
sb.append(StringEscapeUtils.escapeHtml(me.getValue().toString()));
}
sb.append("</td></tr>\n");
}
sb.append("</table>\n");
}
}
@RequestMapping(value = "/getUpdates", method = RequestMethod.POST)
public ModelAndView saveCustomerUpdates(
@RequestParam("source") String source,
@RequestParam("firstName") String firstName,
@RequestParam("lastName") String lastName,
@RequestParam("zipCode") String zipCode,
@RequestParam("emailAddress") String emailAddress,
@RequestParam("uuid") String uuid,
HttpServletRequest request,
HttpServletResponse response) {
ModelMap modelMap = new ModelMap();
String viewName = StringUtils.EMPTY;
save(
StringEscapeUtils.escapeHtml(source),
StringEscapeUtils.escapeHtml(firstName),
StringEscapeUtils.escapeHtml(lastName),
StringUtils.EMPTY,
StringUtils.EMPTY,
StringEscapeUtils.escapeHtml(zipCode),
StringUtils.EMPTY,
StringEscapeUtils.escapeHtml(emailAddress),
StringUtils.EMPTY,
StringUtils.EMPTY,
StringUtils.EMPTY,
StringUtils.EMPTY,
StringEscapeUtils.escapeHtml(uuid));
viewName = "getupdatesthanks";
return new ModelAndView(viewName, modelMap);
}
/**
* Escapes the characters in a <code>String</code> using HTML entities.
*
* <p>For example:
*
* <p><code>"bread" & "butter"</code> becomes:
*
* <p><code>&quot;bread&quot; &amp; &quot;butter&quot;</code> .
*
* <p>Supports all known HTML 4.0 entities, including funky accents. Note that the commonly used
* apostrophe escape character (&apos;) is not a legal entity and so is not supported).
*
* @param str the <code>String</code> to escape, may be null
* @return a new escaped <code>String</code>, <code>null</code> if null string input
* @see #unescapeHtml(String)
* @see <a href="http://hotwired.lycos.com/webmonkey/reference/special_characters/">ISO
* Entities</a>
* @see <a href="http://www.w3.org/TR/REC-html32#latin1">HTML 3.2 Character Entities for ISO
* Latin-1</a>
* @see <a href="http://www.w3.org/TR/REC-html40/sgml/entities.html">HTML 4.0 Character entity
* references</a>
* @see <a href="http://www.w3.org/TR/html401/charset.html#h-5.3">HTML 4.01 Character
* References</a>
* @see <a href="http://www.w3.org/TR/html401/charset.html#code-position">HTML 4.01 Code
* positions</a>
*/
public static String escapeHtml(String str) {
if (str == null) {
return null;
}
try {
StringWriter writer = new StringWriter((int) (str.length() * 1.5));
escapeHtml(writer, str);
return writer.toString();
} catch (IOException ioe) {
// should be impossible
throw new UnhandledException(ioe);
}
}
public String getCurrentStudentGrades() {
if (currentGradebook == null) {
return "<p>" + msgs.getString("no_gradebook_selected") + "</p>";
}
if (currentStudent == null) {
return "<p>"
+ msgs.getFormattedMessage(
"no_grades_for_user",
new Object[] {StringEscapeUtils.escapeHtml(currentGradebook.getTitle())})
+ "</p>";
}
return currentStudent.formatGrades();
}
@RequestMapping(value = "/unsubscribe", method = RequestMethod.POST)
public ModelAndView unsubscribe(
@RequestParam("firstName") String firstName,
@RequestParam("lastName") String lastName,
@RequestParam("emailAddress") String emailAddress) {
save(
unsubscribe,
StringEscapeUtils.escapeHtml(firstName),
StringEscapeUtils.escapeHtml(lastName),
StringUtils.EMPTY,
StringUtils.EMPTY,
StringUtils.EMPTY,
StringUtils.EMPTY,
emailAddress,
StringUtils.EMPTY,
StringUtils.EMPTY,
StringUtils.EMPTY,
StringUtils.EMPTY,
StringUtils.EMPTY);
String viewName = "unsubscribethanks";
return new ModelAndView(viewName);
}
@Test
public void shouldEscapeBuildCauseMessage() throws Exception {
String userWithHtmlCharacters = "<user>";
pipeline.setBuildCause(
BuildCause.createManualForced(
materialRevisions(userWithHtmlCharacters),
new Username(new CaseInsensitiveString(userWithHtmlCharacters))));
StageJsonPresentationModel presenter =
new StageJsonPresentationModel(pipeline, stage, null, new Agents());
JsonTester jsonTester = new JsonTester(presenter.toJson());
String expected = StringEscapeUtils.escapeHtml(userWithHtmlCharacters);
jsonTester.shouldContain("{'buildCause':'Forced by " + expected + "'}");
}
protected String retrieveResultSummary(
Document document, Highlighter highlighter, StandardAnalyzer analyzer)
throws InvalidTokenOffsetsException, IOException {
String content = document.get(FIELD_TOPIC_CONTENT);
TokenStream tokenStream = analyzer.tokenStream(FIELD_TOPIC_CONTENT, new StringReader(content));
String summary = highlighter.getBestFragments(tokenStream, content, 3, "...");
if (StringUtils.isBlank(summary) && !StringUtils.isBlank(content)) {
summary = StringEscapeUtils.escapeHtml(content.substring(0, Math.min(200, content.length())));
if (Math.min(200, content.length()) == 200) {
summary += "...";
}
}
return summary;
}
public Object referenceInsert(String reference, Object value) {
if (value == null) {
return value;
}
if (directOutputVariables.contains(reference)) {
return value;
}
if (value instanceof DirectOutput) {
return value;
}
if (!(value instanceof String)) {
return value;
}
return StringEscapeUtils.escapeHtml((String) value);
}
protected void setColumnAttributes(TableColumn column, int columnIndex) {
Locale locale = LocaleManager.currentLocale();
setAttribute("column", column);
setAttribute("columnindex", columnIndex);
setAttribute("columnmodel", column.getPropertyId());
setAttribute("columnname", column.getName(locale));
setAttribute("columnhint", column.getHint(locale));
setAttribute("columnselectable", column.isSelectable());
setAttribute("columnsortable", isColumnSortable(column));
String icon = getSortIcon(column, columnIndex);
setAttribute("iconId", icon);
setAttribute("iconTextId", getSortKeyText(icon));
String headerHTML = column.getHeaderHtmlStyle();
String cellsHTML = column.getCellHtmlStyle();
if (headerHTML == null) headerHTML = cellsHTML;
if (headerHTML != null) {
setAttribute("columnheaderhtmlstyle", StringUtils.defaultString(headerHTML));
setAttribute(
"columnheaderstyleedit",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(headerHTML)));
}
if (cellsHTML != null) {
setAttribute("columncellhtmlstyle", StringUtils.defaultString(cellsHTML));
setAttribute(
"columncellstyleedit",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(cellsHTML)));
}
String htmlValue = column.getHtmlValue();
if (htmlValue != null) {
setAttribute("columnhtmlvalue", StringUtils.defaultString(htmlValue));
setAttribute(
"columnhtmlvalueedit",
StringUtils.defaultString(StringEscapeUtils.escapeHtml(htmlValue)));
}
}
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String param = "";
java.util.Enumeration<String> headerNames = request.getHeaderNames();
if (headerNames.hasMoreElements()) {
param = headerNames.nextElement(); // just grab first element
}
String bar = org.apache.commons.lang.StringEscapeUtils.escapeHtml(param);
Object[] obj = {"a", "b"};
response.getWriter().printf(bar, obj);
}
@Override
public void write(final PrintWriter writer) {
writer.print("<span class=\"");
writer.print(className);
writer.print("\"");
if (description != null) {
writer.print(" title=\"");
writer.print(description);
writer.print("\"");
}
writer.print(">");
if (value != null) {
writer.print(StringEscapeUtils.escapeHtml(value));
}
writer.print("</span>");
}