axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Glen Daniels <gdani...@macromedia.com>
Subject RE: cvs commit: xml-axis/java/src/org/apache/axis AxisFault.java
Date Wed, 15 Jan 2003 23:43:15 GMT

+1 to the concept

-0 to the implementation

Wouldn't it be clearer to call it dumpToEncodedString() or somesuch and avoid the boolean
arg?

--Glen

> -----Original Message-----
> From: stevel@apache.org [mailto:stevel@apache.org]
> Sent: Wednesday, January 15, 2003 6:31 PM
> To: xml-axis-cvs@apache.org
> Subject: cvs commit: xml-axis/java/src/org/apache/axis AxisFault.java
> 
> 
> stevel      2003/01/15 15:30:40
> 
>   Modified:    java/src/org/apache/axis AxisFault.java
>   Log:
>   bug 16147; extend dumpString() to allow for the option to 
> escape all fault strings. This is an option as we dont want 
> it during debugging, just html display.
>   
>   Revision  Changes    Path
>   1.67      +30 -6     
> xml-axis/java/src/org/apache/axis/AxisFault.java
>   
>   Index: AxisFault.java
>   ===================================================================
>   RCS file: 
> /home/cvs/xml-axis/java/src/org/apache/axis/AxisFault.java,v
>   retrieving revision 1.66
>   retrieving revision 1.67
>   diff -u -r1.66 -r1.67
>   --- AxisFault.java	14 Jan 2003 06:40:53 -0000	1.66
>   +++ AxisFault.java	15 Jan 2003 23:30:40 -0000	1.67
>   @@ -315,7 +315,18 @@
>         * turn the fault and details into a string
>         * @return stringified fault details
>         */
>   -    public String dumpToString()
>   +    public String dumpToString() {
>   +        return dumpToString(true);
>   +    }
>   +
>   +    /**
>   +     * turn the fault and details into a string, with or 
> without XML escaping.
>   +     * subclassers: for security (cross-site-scripting) reasons, 
>   +     * escape everything that could contain caller-supplied data. 
>   +     * @param escapeText flag to control whether to XML 
> escape everything
>   +     * @return stringified fault details
>   +     */
>   +    public String dumpToString(boolean escapeText)
>        {
>            String details = new String();
>    
>   @@ -336,7 +347,7 @@
>                              + XMLUtils.getInnerXMLString(e);
>                }
>            }
>   -        
>   +
>            String subCodes = new String();
>            if (faultSubCode != null) {
>                for (int i = 0; i < faultSubCode.size(); i++) {
>   @@ -345,13 +356,26 @@
>    
>                }
>            }
>   +        String code=faultCode.toString();
>   +        String errorString=faultString;
>   +        String actor=faultActor;
>   +        String node=faultNode;
>   +
>   +        if (escapeText) {
>   +            //encode everything except details and 
> subcodes, which are already
>   +            //dealt with one way or another.
>   +            code= XMLUtils.xmlEncodeString(code);
>   +            errorString = XMLUtils.xmlEncodeString(errorString);
>   +            actor= XMLUtils.xmlEncodeString(actor);
>   +            node = XMLUtils.xmlEncodeString(node);
>   +        }
>    
>            return "AxisFault" + JavaUtils.LS
>   -            + " faultCode: " + faultCode + JavaUtils.LS
>   +            + " faultCode: " + code + JavaUtils.LS
>                + " faultSubcode: " + subCodes + JavaUtils.LS
>   -            + " faultString: " + faultString + JavaUtils.LS
>   -            + " faultActor: " + faultActor + JavaUtils.LS
>   -            + " faultNode: " + faultNode + JavaUtils.LS
>   +            + " faultString: " + errorString + JavaUtils.LS
>   +            + " faultActor: " + actor + JavaUtils.LS
>   +            + " faultNode: " + node + JavaUtils.LS
>                + " faultDetail: " + details + JavaUtils.LS
>                ;
>        }
>   
>   
>   
> 

Mime
View raw message