ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From atk...@apache.org
Subject ambari git commit: AMBARI-11648 Widgets: clone does not escape chars. (atkach)
Date Wed, 03 Jun 2015 13:55:56 GMT
Repository: ambari
Updated Branches:
  refs/heads/trunk 627401f6e -> 5e778f0c1


AMBARI-11648 Widgets: clone does not escape chars. (atkach)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/5e778f0c
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/5e778f0c
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/5e778f0c

Branch: refs/heads/trunk
Commit: 5e778f0c11942ec7d67dfe511e45bf270fa2f6bc
Parents: 627401f
Author: Andrii Tkach <atkach@hortonworks.com>
Authored: Wed Jun 3 16:14:40 2015 +0300
Committer: Andrii Tkach <atkach@hortonworks.com>
Committed: Wed Jun 3 16:55:23 2015 +0300

----------------------------------------------------------------------
 ambari-web/app/mixins/common/widgets/widget_mixin.js |  3 ++-
 ambari-web/app/utils/string_utils.js                 | 10 ++++++++++
 ambari-web/test/utils/string_utils_test.js           | 14 ++++++++++++++
 3 files changed, 26 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/5e778f0c/ambari-web/app/mixins/common/widgets/widget_mixin.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/mixins/common/widgets/widget_mixin.js b/ambari-web/app/mixins/common/widgets/widget_mixin.js
index bda5a37..c48aecb 100644
--- a/ambari-web/app/mixins/common/widgets/widget_mixin.js
+++ b/ambari-web/app/mixins/common/widgets/widget_mixin.js
@@ -17,6 +17,7 @@
  */
 
 var App = require('app');
+var stringUtils = require('utils/string_utils');
 
 App.WidgetMixin = Ember.Mixin.create({
 
@@ -494,7 +495,7 @@ App.WidgetMixin = Ember.Mixin.create({
       function () {
         self.postWidgetDefinition(true);
       },
-      Em.I18n.t('widget.clone.body').format(self.get('content.widgetName')),
+      Em.I18n.t('widget.clone.body').format(stringUtils.htmlEntities(self.get('content.widgetName'))),
       null,
       null,
       Em.I18n.t('common.clone')

http://git-wip-us.apache.org/repos/asf/ambari/blob/5e778f0c/ambari-web/app/utils/string_utils.js
----------------------------------------------------------------------
diff --git a/ambari-web/app/utils/string_utils.js b/ambari-web/app/utils/string_utils.js
index 7a451bd..d38fb29 100644
--- a/ambari-web/app/utils/string_utils.js
+++ b/ambari-web/app/utils/string_utils.js
@@ -204,5 +204,15 @@ module.exports = {
       return plural;
     }
     return singular;
+  },
+
+  /**
+   * decode html entities
+   * @param {string} string
+   * @returns {string}
+   */
+  htmlEntities: function (string) {
+    if (typeof string !== 'string') return "";
+    return $("<div/>").text(string).html();
   }
 };

http://git-wip-us.apache.org/repos/asf/ambari/blob/5e778f0c/ambari-web/test/utils/string_utils_test.js
----------------------------------------------------------------------
diff --git a/ambari-web/test/utils/string_utils_test.js b/ambari-web/test/utils/string_utils_test.js
index 625aa75..9df143f 100644
--- a/ambari-web/test/utils/string_utils_test.js
+++ b/ambari-web/test/utils/string_utils_test.js
@@ -241,4 +241,18 @@ describe('string_utils', function () {
       });
     });
   });
+
+  describe("#htmlEntities()", function() {
+    var tests = [
+      {t: undefined, e: ''},
+      {t: '', e: ''},
+      {t: 'abc', e: 'abc'},
+      {t: 'abc<script>abc', e: 'abc&lt;script&gt;abc'}
+    ];
+    tests.forEach(function(test) {
+      it('Check ' + typeof test.t, function () {
+        expect(string_utils.htmlEntities(test.t)).to.equal(test.e);
+      });
+    });
+  });
 });


Mime
View raw message