Exemplo n.º 1
0
 public void send() {
   EventBus eventBus = EventBusFactory.getDefault().eventBus();
   eventBus.publish(
       CHANNEL,
       new FacesMessage(
           StringEscapeUtils.escapeHtml(summary), StringEscapeUtils.escapeHtml(detail)));
 }
Exemplo n.º 2
0
  @SuppressWarnings({"unchecked"})
  private void handleIssueRequest(
      PersistenceManager pm, HttpServletRequest req, HttpServletResponse resp, String uri)
      throws IOException {
    if (req.getParameter("embed") == null) {
      show404(resp);
      return;
    }
    Pattern p = Pattern.compile("/issues/([^/?]+)");
    Matcher m = p.matcher(uri);
    if (!m.matches()) {
      show404(resp);
      return;
    }
    String hash = m.group(1);
    Map<String, DbIssue> map = persistenceHelper.findIssues(pm, Lists.<String>newArrayList(hash));
    DbIssue issue = map.get(hash);
    if (issue == null) {
      printHtmlPreface(resp);
      resp.getWriter()
          .println("<p>This issue has not been submitted to the " + getCloudName() + "</p>");
      LOGGER.info("Not in cloud");
      return;
    }

    List<DbEvaluation> list = Lists.newArrayList(sortAndFilterEvaluations(issue.getEvaluations()));
    LOGGER.info("Issue " + issue.getPrimaryClass() + " - " + list.size() + " comments");
    if (list.isEmpty()) {
      printHtmlPreface(resp);
      resp.getWriter().println("<p>No comments have been submitted for this issue</p>");
      return;
    }
    Collections.reverse(list);

    PrintWriter out = resp.getWriter();
    printHtmlPreface(resp);
    out.println("<table border=0 class=popup-evals cellspacing=15>");
    for (DbEvaluation evaluation : list) {
      out.println("<tr>");
      out.println(
          "<td>"
              + StringEscapeUtils.escapeHtml(evaluation.getEmail())
              + "<br><span class=timestamp>"
              + TIMESTAMP_FORMAT().format(new Date(evaluation.getWhen()))
              + " </span></td>");

      out.println(
          "<td><strong>"
              + StringEscapeUtils.escapeHtml(evaluation.getDesignation())
              + "</strong>"
              + " &mdash; "
              + StringEscapeUtils.escapeHtml(evaluation.getComment())
              + "</td>");
      out.println("</tr>");
    }
    out.println("</table>");
  }
Exemplo n.º 3
0
 private String encodeHLink(String uri_string, String name) throws URISyntaxException {
   // System.out.println("linking: >>"+uri_string);
   // URI uri = new URI(uri_string);
   return ("<a href="
       + StringEscapeUtils.escapeHtml(uri_string)
       + ">"
       + StringEscapeUtils.escapeHtml(name)
       + "</a>");
 }
 protected void setTableAttributes(TableHandler tableHandler) {
   Table table = tableHandler.getTable();
   setAttribute("currentpage", table.getCurrentPage());
   setAttribute("rowcount", table.getRowCount());
   setAttribute("maxrowspage", table.getMaxRowsPerPage());
   setAttribute("headerposition", table.getHeaderPosition());
   setAttribute(
       "htmlstyleedit",
       StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getHtmlStyle())));
   setAttribute(
       "rowevenstyleedit",
       StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowEvenStyle())));
   setAttribute(
       "rowoddstyleedit",
       StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowOddStyle())));
   setAttribute(
       "rowhoverstyleedit",
       StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowHoverStyle())));
   setAttribute(
       "htmlclass", StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getHtmlClass())));
   setAttribute(
       "rowevenclass",
       StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowEventClass())));
   setAttribute(
       "rowoddclass",
       StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowOddClass())));
   setAttribute(
       "rowhoverclass",
       StringUtils.defaultString(StringEscapeUtils.escapeHtml(table.getRowHoverClass())));
   setAttribute("htmlstyleview", table.getHtmlStyle());
 }
Exemplo n.º 5
0
 /**
  * Build the HTML anchor link to a topic page for a given WikLink object.
  *
  * @param context The servlet context for the link that is being created.
  * @param virtualWiki The virtual wiki for the link that is being created.
  * @param wikiLink The WikiLink object containing all relevant information about the link being
  *     generated.
  * @param text The text to display as the link content.
  * @param style The CSS class to use with the anchor HTML tag. This value can be <code>null</code>
  *     or empty if no custom style is used.
  * @param target The anchor link target, or <code>null</code> or empty if no target is needed.
  * @param escapeHtml Set to <code>true</code> if the link caption should be HTML escaped. This
  *     value should be <code>true</code> in any case where the caption is not guaranteed to be
  *     free from potentially malicious HTML code.
  * @return An HTML anchor link that matches the given input parameters.
  * @throws DataAccessException Thrown if any error occurs while retrieving topic information.
  */
 public static String buildInternalLinkHtml(
     String context,
     String virtualWiki,
     WikiLink wikiLink,
     String text,
     String style,
     String target,
     boolean escapeHtml)
     throws DataAccessException {
   String url = LinkUtil.buildTopicUrl(context, virtualWiki, wikiLink);
   String topic = wikiLink.getDestination();
   if (StringUtils.isBlank(text)) {
     text = topic;
   }
   if (!StringUtils.isBlank(topic) && StringUtils.isBlank(style)) {
     if (!StringUtils.isEmpty(virtualWiki) && InterWikiHandler.isInterWiki(virtualWiki)) {
       style = "interwiki";
     } else if (!LinkUtil.isExistingArticle(virtualWiki, topic)) {
       style = "edit";
     }
   }
   if (!StringUtils.isBlank(style)) {
     style = " class=\"" + style + "\"";
   } else {
     style = "";
   }
   if (!StringUtils.isBlank(target)) {
     target = " target=\"" + target + "\"";
   } else {
     target = "";
   }
   if (StringUtils.isBlank(topic) && !StringUtils.isBlank(wikiLink.getSection())) {
     topic = wikiLink.getSection();
   }
   StringBuffer html = new StringBuffer();
   html.append("<a href=\"").append(url).append('\"').append(style);
   html.append(" title=\"")
       .append(StringEscapeUtils.escapeHtml(topic))
       .append('\"')
       .append(target)
       .append('>');
   if (escapeHtml) {
     html.append(StringEscapeUtils.escapeHtml(text));
   } else {
     html.append(text);
   }
   html.append("</a>");
   return html.toString();
 }
Exemplo n.º 6
0
  @Override
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    String param = "";
    java.util.Enumeration<String> names = request.getParameterNames();
    if (names.hasMoreElements()) {
      param = names.nextElement(); // just grab first element
    }

    String bar = org.apache.commons.lang.StringEscapeUtils.escapeHtml(param);

    String sql = "{call verifyUserPassword('foo','" + bar + "')}";

    try {
      java.sql.Connection connection =
          org.owasp.benchmark.helpers.DatabaseHelper.getSqlConnection();
      java.sql.CallableStatement statement =
          connection.prepareCall(
              sql,
              java.sql.ResultSet.TYPE_FORWARD_ONLY,
              java.sql.ResultSet.CONCUR_READ_ONLY,
              java.sql.ResultSet.CLOSE_CURSORS_AT_COMMIT);
      statement.execute();
    } catch (java.sql.SQLException e) {
      throw new ServletException(e);
    }
  }
 public void appendText(
     String text, boolean escapeHtml, boolean bold, boolean italic, String color) {
   if (bold) {
     textBuilder.append("<b>");
   }
   if (italic) {
     textBuilder.append("<i>");
   }
   if (color != null) {
     textBuilder.append("<font color=\"" + color + "\">");
   }
   if (escapeHtml) {
     text = StringEscapeUtils.escapeHtml(text);
   }
   textBuilder.append(text);
   if (color != null) {
     textBuilder.append("</font>");
   }
   if (italic) {
     textBuilder.append("</i>");
   }
   if (bold) {
     textBuilder.append("</b>");
   }
 }
Exemplo n.º 8
0
  public String toHTML(String template) {
    String templateText = "";
    File templateFile = new File(Consts.TEMPLATESPATH + "/" + template + ".tpl");
    try {
      templateText = new String(Files.readAllBytes(templateFile.toPath()), StandardCharsets.UTF_8);

      Class<?> c = this.getClass();
      Field[] fields = c.getDeclaredFields();

      // TODO:setSpec
      for (Field field : fields) {
        String replaceStr = StringEscapeUtils.escapeHtml(field.get(this).toString());
        templateText =
            templateText.replaceAll(
                "\\{\\$" + field.getName() + "\\}", Matcher.quoteReplacement(replaceStr));
      }
    } catch (IllegalAccessException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
    } catch (IOException e) {
      // TODO Auto-generated catch block
      e.printStackTrace();
    }

    return templateText;
  }
Exemplo n.º 9
0
 /**
  * 构造一个在页面加载完成自动提交的表单,可用于post表单数据(请求支付)等等。
  *
  * @param params 提交参数
  * @param actionUrl form action url
  * @param charset mete content charset
  */
 public static String createAutoSubmitForm(
     Map<String, String> params, String actionUrl, String charset) {
   StringBuffer sb = new StringBuffer();
   sb.append("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">");
   sb.append("<html>");
   sb.append("<head>");
   sb.append("<title>跳转......</title>");
   sb.append("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=" + charset + "\">");
   sb.append("</head>");
   sb.append("<body>");
   sb.append(
       "<form action=\"" + actionUrl + "\" method=\"post\" id=\"frm1\" style=\"display:none;\">");
   for (String key : params.keySet()) {
     sb.append(
         "<input type=\"hidden\" name=\""
             + key
             + "\" value=\""
             + StringEscapeUtils.escapeHtml(params.get(key))
             + "\">");
   }
   sb.append("</form>");
   sb.append(
       "<script type=\"text/javascript\">document.getElementById(\"frm1\").submit()</script>");
   sb.append("</body>");
   return sb.toString();
 }
Exemplo n.º 10
0
  public String getSelectedStudentGrades() {
    if (currentGradebook == null) {
      return "<p>" + msgs.getString("no_gradebook_selected") + "</p>";
    }

    if (currentGradebook.getUsernames() == null || currentGradebook.getUsernames().isEmpty()) {
      return "<p>"
          + msgs.getFormattedMessage(
              "no_grades_in_gradebook",
              new Object[] {StringEscapeUtils.escapeHtml(currentGradebook.getTitle())})
          + "</p>";
    }

    if (selectedStudent == null || selectedStudent.equals("")) {
      return msgs.getString("select_participant");
    }

    StudentGrades selStudent =
        gradebookManager.getStudentByGBAndUsername(currentGradebook, selectedStudent);
    if (selStudent != null) {
      selStudent.setGradebook(currentGradebook);
      return selStudent.formatGrades();
    }

    return msgs.getString("select_participant");
  }
Exemplo n.º 11
0
 @Override
 public void render(
     final StringOutput sb,
     final Renderer renderer,
     final Object val,
     final Locale locale,
     final int alignment,
     final String action) {
   if (renderer == null) {
     // render for export
     String value = getCellValue(val);
     if (!StringHelper.containsNonWhitespace(value)) {
       value = getHoverText(val);
     }
     sb.append(value);
   } else {
     sb.append("<i class='").append(getCssClass(val)).append("'> </i> <span");
     String hoverText = getHoverText(val);
     if (StringHelper.containsNonWhitespace(hoverText)) {
       sb.append(" title=\"");
       sb.append(StringEscapeUtils.escapeHtml(hoverText));
     }
     sb.append("\">");
     sb.append(getCellValue(val));
     sb.append("</span>");
   }
 }
 @Override
 public String getInclude(String url) {
   StringBuffer buf = new StringBuffer();
   buf.append("<esi:include src=\"");
   buf.append(StringEscapeUtils.escapeHtml(url));
   buf.append("\"/>");
   return buf.toString();
 }
Exemplo n.º 13
0
 public static String escapeScriptTag(final String s) {
   if (StringUtils.isEmpty(s)) {
     return s;
   } else {
     String escapedLabel = s.toLowerCase();
     if (!(escapedLabel.matches(".*<.*script.*>.*")
         || escapedLabel.matches(
             ".*javascript\\s*:.*"))) // only truly script if in <> or with :, overly strict for
                                      // nows
     {
       return unescapeHtmlWithExceptions(StringEscapeUtils.escapeHtml(s));
     } else {
       escapedLabel =
           StringUtils.replace(escapedLabel, "script", "POSSIBLE INLINE JAVASCRIPT REMOVED");
       return unescapeHtmlWithExceptions(StringEscapeUtils.escapeHtml(escapedLabel));
     }
   }
 }
Exemplo n.º 14
0
 /**
  * Get command-label map for a Selection widget
  *
  * @return String representing JSON object
  */
 private String getMappingsJSON(Selection w) {
   JsonObject resultObject = new JsonObject();
   for (Mapping mapping : w.getMappings()) {
     resultObject.addProperty(mapping.getCmd(), mapping.getLabel());
   }
   String result = resultObject.toString();
   result = StringEscapeUtils.escapeHtml(result);
   return result;
 }
Exemplo n.º 15
0
  @Override
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    response.setContentType("text/html");

    java.util.Map<String, String[]> map = request.getParameterMap();
    String param = "";
    if (!map.isEmpty()) {
      String[] values = map.get("vector");
      if (values != null) param = values[0];
    }

    String bar = org.apache.commons.lang.StringEscapeUtils.escapeHtml(param);

    double value = java.lang.Math.random();
    String rememberMeKey = Double.toString(value).substring(2); // Trim off the 0. at the front.

    String user = "******";
    String fullClassName = this.getClass().getName();
    String testCaseNumber =
        fullClassName.substring(fullClassName.lastIndexOf('.') + 1 + "BenchmarkTest".length());
    user += testCaseNumber;

    String cookieName = "rememberMe" + testCaseNumber;

    boolean foundUser = false;
    javax.servlet.http.Cookie[] cookies = request.getCookies();
    for (int i = 0; cookies != null && ++i < cookies.length && !foundUser; ) {
      javax.servlet.http.Cookie cookie = cookies[i];
      if (cookieName.equals(cookie.getName())) {
        if (cookie.getValue().equals(request.getSession().getAttribute(cookieName))) {
          foundUser = true;
        }
      }
    }

    if (foundUser) {
      response.getWriter().println("Welcome back: " + user + "<br/>");
    } else {
      javax.servlet.http.Cookie rememberMe =
          new javax.servlet.http.Cookie(cookieName, rememberMeKey);
      rememberMe.setSecure(true);
      request.getSession().setAttribute(cookieName, rememberMeKey);
      response.addCookie(rememberMe);
      response
          .getWriter()
          .println(
              user
                  + " has been remembered with cookie: "
                  + rememberMe.getName()
                  + " whose value is: "
                  + rememberMe.getValue()
                  + "<br/>");
    }
    response.getWriter().println("Weak Randomness Test java.lang.Math.random() executed");
  }
  private void buildStepTagRows(final StringBuilder buf, final Collection<StepDescriptor> infos) {

    for (final StepDescriptor info : infos) {

      log.debug(
          "info non escaped: "
              + info.getExpression()
              + "\n\tescaped:\n"
              + StringEscapeUtils.escapeHtml(info.getExpression()));

      buf.append(
              String.format(
                  TABLE_ROW_FORMAT,
                  StringEscapeUtils.escapeHtml(info.getExpression()),
                  info.getExample().replaceAll("\n", " "),
                  StringEscapeUtils.escapeHtml(info.getDescription()).replaceAll("\n", " ")))
          .append("\n");
    }
  }
Exemplo n.º 17
0
 public static String escapeHtml(String string) {
   return string == null
       ? null
       : StringUtils.replaceAll(
           StringEscapeUtils.escapeHtml(string),
           "\\x22",
           "&#34;", // double quote
           "\\x27",
           "&#39;"); // single quote
 }
 private void nodeFilter(Node node) {
   LinkedList<Node> currentChildNode = node.getChildNodes();
   if (node.getParentNode() != null) {
     if (!node.getContent().equals("")) {
       node.setContent(StringEscapeUtils.escapeHtml(node.getContent()));
     }
   }
   for (int i = 0; i < currentChildNode.size(); i++) {
     nodeFilter(currentChildNode.get(i));
   }
 }
Exemplo n.º 19
0
  /**
   * some old testing
   *
   * @param args
   */
  public static void main(String[] args) {
    System.out.println("hello");
    // log.debug(linePrepend("asdfsdf. bla and. \n2.line\n3.third",">"));
    // log.debug(escape("bla<>and so on &&\nsecond line").toString());

    System.out.println(":" + StringEscapeUtils.escapeHtml("abcdef&<>") + ":");
    System.out.println(":" + StringEscapeUtils.escapeHtml("&#256;<ba>abcdef&<>") + ":");
    System.out.println(":" + StringEscapeUtils.escapeHtml("&#256;\n<ba>\nabcdef&<>") + ":");

    System.out.println(":" + Formatter.truncate("abcdef", 0) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", 2) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", 4) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", 6) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", 7) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", 8) + ":");

    System.out.println(":" + Formatter.truncate("abcdef", -2) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", -4) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", -6) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", -7) + ":");
    System.out.println(":" + Formatter.truncate("abcdef", -8) + ":");

    Locale loc = new Locale("de");
    Formatter f2 = new Formatter(loc);
    Date d = new Date();
    Calendar cal = Calendar.getInstance(loc);
    cal.setTime(d);
    cal.add(Calendar.HOUR_OF_DAY, 7);
    // so ists 16:36 nachmittags
    d = cal.getTime();
    System.out.println(f2.formatDate(d));
    System.out.println(f2.formatTime(d));
    System.out.println(f2.formatDateAndTime(d));

    System.out.println("Now make String filesystem save");
    // String ugly = "\"/asdf/?._||\"blaöäü";
    String ugly = "guido/\\:? .|*\"\"<><guidoöäü";
    System.out.println("input: " + ugly);
    System.out.println("output: " + Formatter.makeStringFilesystemSave(ugly));
  }
Exemplo n.º 20
0
  @SuppressWarnings("unchecked")
  private void jsonToHTML(JSON json, StringBuilder sb) {
    if (json == null || json.isEmpty()) {
      return;
    }

    if (json.isArray()) {
      Object[] oa = ((JSONArray) json).toArray();
      sb.append("<table border=\"1\">\n");
      for (Object o : oa) {
        sb.append("<tr><td>\n");
        if (o instanceof JSON) {
          jsonToHTML((JSON) o, sb);
        } else {
          sb.append(o);
        }
        sb.append("</td></tr>\n");
      }
      sb.append("</table>\n");
    } else if (json instanceof JSONObject) {
      JSONObject jo = (JSONObject) json;
      Set<?> set = jo.entrySet();
      Iterator<Map.Entry<?, ?>> itor = (Iterator<Entry<?, ?>>) set.iterator();
      sb.append("<table border=\"1\">\n");
      while (itor.hasNext()) {
        Map.Entry<?, ?> me = itor.next();
        sb.append("<tr><td>\n");
        sb.append(StringEscapeUtils.escapeHtml(me.getKey().toString()));
        sb.append("</td>\n");
        sb.append("<td>\n");
        if (me.getValue() instanceof JSON) {
          jsonToHTML((JSON) me.getValue(), sb);
        } else {
          sb.append(StringEscapeUtils.escapeHtml(me.getValue().toString()));
        }
        sb.append("</td></tr>\n");
      }
      sb.append("</table>\n");
    }
  }
Exemplo n.º 21
0
  @RequestMapping(value = "/getUpdates", method = RequestMethod.POST)
  public ModelAndView saveCustomerUpdates(
      @RequestParam("source") String source,
      @RequestParam("firstName") String firstName,
      @RequestParam("lastName") String lastName,
      @RequestParam("zipCode") String zipCode,
      @RequestParam("emailAddress") String emailAddress,
      @RequestParam("uuid") String uuid,
      HttpServletRequest request,
      HttpServletResponse response) {

    ModelMap modelMap = new ModelMap();
    String viewName = StringUtils.EMPTY;
    save(
        StringEscapeUtils.escapeHtml(source),
        StringEscapeUtils.escapeHtml(firstName),
        StringEscapeUtils.escapeHtml(lastName),
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringEscapeUtils.escapeHtml(zipCode),
        StringUtils.EMPTY,
        StringEscapeUtils.escapeHtml(emailAddress),
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringEscapeUtils.escapeHtml(uuid));

    viewName = "getupdatesthanks";

    return new ModelAndView(viewName, modelMap);
  }
Exemplo n.º 22
0
 /**
  * Escapes the characters in a <code>String</code> using HTML entities.
  *
  * <p>For example:
  *
  * <p><code>"bread" & "butter"</code> becomes:
  *
  * <p><code>&amp;quot;bread&amp;quot; &amp;amp; &amp;quot;butter&amp;quot;</code> .
  *
  * <p>Supports all known HTML 4.0 entities, including funky accents. Note that the commonly used
  * apostrophe escape character (&amp;apos;) is not a legal entity and so is not supported).
  *
  * @param str the <code>String</code> to escape, may be null
  * @return a new escaped <code>String</code>, <code>null</code> if null string input
  * @see #unescapeHtml(String)
  * @see <a href="http://hotwired.lycos.com/webmonkey/reference/special_characters/">ISO
  *     Entities</a>
  * @see <a href="http://www.w3.org/TR/REC-html32#latin1">HTML 3.2 Character Entities for ISO
  *     Latin-1</a>
  * @see <a href="http://www.w3.org/TR/REC-html40/sgml/entities.html">HTML 4.0 Character entity
  *     references</a>
  * @see <a href="http://www.w3.org/TR/html401/charset.html#h-5.3">HTML 4.01 Character
  *     References</a>
  * @see <a href="http://www.w3.org/TR/html401/charset.html#code-position">HTML 4.01 Code
  *     positions</a>
  */
 public static String escapeHtml(String str) {
   if (str == null) {
     return null;
   }
   try {
     StringWriter writer = new StringWriter((int) (str.length() * 1.5));
     escapeHtml(writer, str);
     return writer.toString();
   } catch (IOException ioe) {
     // should be impossible
     throw new UnhandledException(ioe);
   }
 }
Exemplo n.º 23
0
  public String getCurrentStudentGrades() {

    if (currentGradebook == null) {
      return "<p>" + msgs.getString("no_gradebook_selected") + "</p>";
    }
    if (currentStudent == null) {
      return "<p>"
          + msgs.getFormattedMessage(
              "no_grades_for_user",
              new Object[] {StringEscapeUtils.escapeHtml(currentGradebook.getTitle())})
          + "</p>";
    }
    return currentStudent.formatGrades();
  }
Exemplo n.º 24
0
  @RequestMapping(value = "/unsubscribe", method = RequestMethod.POST)
  public ModelAndView unsubscribe(
      @RequestParam("firstName") String firstName,
      @RequestParam("lastName") String lastName,
      @RequestParam("emailAddress") String emailAddress) {
    save(
        unsubscribe,
        StringEscapeUtils.escapeHtml(firstName),
        StringEscapeUtils.escapeHtml(lastName),
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        emailAddress,
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringUtils.EMPTY,
        StringUtils.EMPTY);

    String viewName = "unsubscribethanks";
    return new ModelAndView(viewName);
  }
  @Test
  public void shouldEscapeBuildCauseMessage() throws Exception {
    String userWithHtmlCharacters = "<user>";
    pipeline.setBuildCause(
        BuildCause.createManualForced(
            materialRevisions(userWithHtmlCharacters),
            new Username(new CaseInsensitiveString(userWithHtmlCharacters))));
    StageJsonPresentationModel presenter =
        new StageJsonPresentationModel(pipeline, stage, null, new Agents());

    JsonTester jsonTester = new JsonTester(presenter.toJson());
    String expected = StringEscapeUtils.escapeHtml(userWithHtmlCharacters);
    jsonTester.shouldContain("{'buildCause':'Forced by " + expected + "'}");
  }
Exemplo n.º 26
0
 protected String retrieveResultSummary(
     Document document, Highlighter highlighter, StandardAnalyzer analyzer)
     throws InvalidTokenOffsetsException, IOException {
   String content = document.get(FIELD_TOPIC_CONTENT);
   TokenStream tokenStream = analyzer.tokenStream(FIELD_TOPIC_CONTENT, new StringReader(content));
   String summary = highlighter.getBestFragments(tokenStream, content, 3, "...");
   if (StringUtils.isBlank(summary) && !StringUtils.isBlank(content)) {
     summary = StringEscapeUtils.escapeHtml(content.substring(0, Math.min(200, content.length())));
     if (Math.min(200, content.length()) == 200) {
       summary += "...";
     }
   }
   return summary;
 }
 public Object referenceInsert(String reference, Object value) {
   if (value == null) {
     return value;
   }
   if (directOutputVariables.contains(reference)) {
     return value;
   }
   if (value instanceof DirectOutput) {
     return value;
   }
   if (!(value instanceof String)) {
     return value;
   }
   return StringEscapeUtils.escapeHtml((String) value);
 }
  protected void setColumnAttributes(TableColumn column, int columnIndex) {
    Locale locale = LocaleManager.currentLocale();
    setAttribute("column", column);
    setAttribute("columnindex", columnIndex);
    setAttribute("columnmodel", column.getPropertyId());
    setAttribute("columnname", column.getName(locale));
    setAttribute("columnhint", column.getHint(locale));
    setAttribute("columnselectable", column.isSelectable());
    setAttribute("columnsortable", isColumnSortable(column));
    String icon = getSortIcon(column, columnIndex);
    setAttribute("iconId", icon);
    setAttribute("iconTextId", getSortKeyText(icon));

    String headerHTML = column.getHeaderHtmlStyle();
    String cellsHTML = column.getCellHtmlStyle();
    if (headerHTML == null) headerHTML = cellsHTML;
    if (headerHTML != null) {
      setAttribute("columnheaderhtmlstyle", StringUtils.defaultString(headerHTML));
      setAttribute(
          "columnheaderstyleedit",
          StringUtils.defaultString(StringEscapeUtils.escapeHtml(headerHTML)));
    }
    if (cellsHTML != null) {
      setAttribute("columncellhtmlstyle", StringUtils.defaultString(cellsHTML));
      setAttribute(
          "columncellstyleedit",
          StringUtils.defaultString(StringEscapeUtils.escapeHtml(cellsHTML)));
    }
    String htmlValue = column.getHtmlValue();
    if (htmlValue != null) {
      setAttribute("columnhtmlvalue", StringUtils.defaultString(htmlValue));
      setAttribute(
          "columnhtmlvalueedit",
          StringUtils.defaultString(StringEscapeUtils.escapeHtml(htmlValue)));
    }
  }
Exemplo n.º 29
0
  @Override
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

    String param = "";
    java.util.Enumeration<String> headerNames = request.getHeaderNames();
    if (headerNames.hasMoreElements()) {
      param = headerNames.nextElement(); // just grab first element
    }

    String bar = org.apache.commons.lang.StringEscapeUtils.escapeHtml(param);

    Object[] obj = {"a", "b"};

    response.getWriter().printf(bar, obj);
  }
Exemplo n.º 30
0
 @Override
 public void write(final PrintWriter writer) {
   writer.print("<span class=\"");
   writer.print(className);
   writer.print("\"");
   if (description != null) {
     writer.print(" title=\"");
     writer.print(description);
     writer.print("\"");
   }
   writer.print(">");
   if (value != null) {
     writer.print(StringEscapeUtils.escapeHtml(value));
   }
   writer.print("</span>");
 }