chukwa-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ey...@apache.org
Subject svn commit: r760281 [1/2] - in /hadoop/chukwa/trunk/src: java/org/apache/hadoop/chukwa/hicc/ java/org/apache/hadoop/chukwa/util/ test/org/apache/hadoop/chukwa/util/ web/hicc/ web/hicc/css/images/ web/hicc/descriptors/ web/hicc/jsp/
Date Tue, 31 Mar 2009 01:02:38 GMT
Author: eyang
Date: Tue Mar 31 01:02:36 2009
New Revision: 760281

URL: http://svn.apache.org/viewvc?rev=760281&view=rev
Log:
CHUKWA-54. Implemented Cross Site Scripting filter. (Eric Yang)

Added:
    hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/util/XssFilter.java
    hadoop/chukwa/trunk/src/test/org/apache/hadoop/chukwa/util/TestXSSFilter.java
    hadoop/chukwa/trunk/src/web/hicc/css/images/navbar-selected.gif   (with props)
    hadoop/chukwa/trunk/src/web/hicc/css/images/titlebar.gif   (with props)
    hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_counter.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_rate.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_counter.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_rate.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_counter.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_rate.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/sql_charter.descriptor
    hadoop/chukwa/trunk/src/web/hicc/jsp/permlink.jsp
Removed:
    hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/hod_job.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/hod_job_chart.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/hod_job_list.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/node_utilization_by_job.descriptor
Modified:
    hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Chart.java
    hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/DatasetMapper.java
    hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Iframe.java
    hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/JSONLoader.java
    hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/TimeHandler.java
    hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Views.java
    hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Workspace.java
    hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk_pcnt.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics_pcnt.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/debug.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_fsnamesystem.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_throughput.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/disk.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/disk_pcnt.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/node_activity_chart.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics.descriptor
    hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics_pcnt.descriptor
    hadoop/chukwa/trunk/src/web/hicc/index.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/chart.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/cluster_selector.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/event2_viewer.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_data.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_helper.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/event_wrapper.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job_list.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/host_selector.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/session.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/single-series-chart-javascript.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/time.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/time_frame.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/time_range.jsp
    hadoop/chukwa/trunk/src/web/hicc/jsp/time_slider_wrapper.jsp

Modified: hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Chart.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Chart.java?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Chart.java (original)
+++ hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Chart.java Tue Mar 31 01:02:36 2009
@@ -32,6 +32,7 @@
 import java.text.SimpleDateFormat;
 import javax.servlet.http.HttpServletRequest;
 import org.apache.hadoop.chukwa.hicc.ColorPicker;
+import org.apache.hadoop.chukwa.util.XssFilter;
 
 public class Chart {
   private String id;
@@ -57,10 +58,12 @@
   private List<String> rightList;
   private boolean userDefinedMax = false;
   private String[] seriesOrder = null;
-
+  private XssFilter xf = null;
+  
   public Chart(HttpServletRequest request) {
-    if (request != null && request.getParameter("boxId") != null) {
-      this.id = request.getParameter("boxId");
+    xf = new XssFilter(request);
+    if (request != null && xf.getParameter("boxId") != null) {
+      this.id = xf.getParameter("boxId");
     } else {
       this.id = "0";
     }
@@ -166,10 +169,13 @@
     String dateFormat = "%H:%M";
     if (xLabel.intern() == "Time".intern()) {
       SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
-      long xMin;
       try {
-        xMin = Long.parseLong(xLabelRange.get(0));
-        long xMax = Long.parseLong(xLabelRange.get(xLabelRange.size() - 1));
+        long xMin = 0;
+        long xMax = 0;
+        if(xLabelRange!=null && xLabelRange.size()>0) {
+          xMin = Long.parseLong(xLabelRange.get(0));
+          xMax = Long.parseLong(xLabelRange.get(xLabelRange.size() - 1));
+        }
         if (xMax - xMin > 31536000000L) {
           dateFormat = "%y";
         } else if (xMax - xMin > 2592000000L) {
@@ -192,11 +198,11 @@
       xAxisOptions
           .append("tickFormatter: function (val, axis) { return xLabels[Math.round(val)]; }, ticks: 0");
     }
-    if (request != null && request.getParameter("format") == null) {
+    if (request != null && xf.getParameter("format") == null) {
       output
           .append("<html><link href=\"/hicc/css/default.css\" rel=\"stylesheet\" type=\"text/css\">\n");
       output
-          .append("<body onresize=\"wholePeriod()\"><script type=\"text/javascript\" src=\"/hicc/js/jquery-1.2.6.min.js\"></script>\n");
+          .append("<body onresize=\"wholePeriod();\"><script type=\"text/javascript\" src=\"/hicc/js/jquery-1.2.6.min.js\"></script>\n");
       output
           .append("<script type=\"text/javascript\" src=\"/hicc/js/jquery.flot.pack.js\"></script>\n");
       output
@@ -301,8 +307,8 @@
       if (this.seriesOrder != null) {
         keyNames = this.seriesOrder;
       } else {
-        keyNames = ((String[]) dataMap.keySet().toArray(
-            new String[dataMap.size()]));
+        keyNames = dataMap.keySet().toArray(
+            new String[dataMap.size()]);
       }
       int counter = 0;
       if (i != 0) {
@@ -352,39 +358,41 @@
         output.append(showYAxis);
         output.append("}, data:[");
         TreeMap<String, Double> data = dataMap.get(seriesName);
-        for (String dp : data.keySet()) {
-          int rangeLabel = 0;
-          if (counter2 != 0) {
-            output.append(",");
-          }
-          if (xLabel.equals("Time")) {
-            if (data.get(dp) == Double.NaN) {
-              output.append("[\"");
-              output.append(dp);
-              output.append("\",NULL]");
-            } else {
-              output.append("[\"");
-              output.append(dp);
-              output.append("\",");
-              output.append(data.get(dp));
-              output.append("]");
+        if(data!=null) {
+          for (String dp : data.keySet()) {
+            int rangeLabel = 0;
+            if (counter2 != 0) {
+              output.append(",");
             }
-          } else {
-            long value = xLabelRangeHash.get(dp);
-            if (data.get(dp) == Double.NaN) {
-              output.append("[\"");
-              output.append(value);
-              output.append("\",NULL]");
+            if (xLabel.equals("Time")) {
+              if (data.get(dp) == Double.NaN) {
+                output.append("[\"");
+                output.append(dp);
+                output.append("\",NULL]");
+              } else {
+                output.append("[\"");
+                output.append(dp);
+                output.append("\",");
+                output.append(data.get(dp));
+                output.append("]");
+              }
             } else {
-              output.append("[\"");
-              output.append(value);
-              output.append("\",");
-              output.append(data.get(dp));
-              output.append("]");
+              long value = xLabelRangeHash.get(dp);
+              if (data.get(dp) == Double.NaN) {
+                output.append("[\"");
+                output.append(value);
+                output.append("\",NULL]");
+              } else {
+                output.append("[\"");
+                output.append(value);
+                output.append("\",");
+                output.append(data.get(dp));
+                output.append("]");
+              }
+              rangeLabel++;
             }
-            rangeLabel++;
+            counter2++;
           }
-          counter2++;
         }
         output.append("], min:0");
         if (this.userDefinedMax) {
@@ -397,7 +405,7 @@
       i++;
     }
     output.append(" ];\n");
-    if (request != null && request.getParameter("format") == null) {
+    if (request != null && xf.getParameter("format") == null) {
       output.append(" wholePeriod();</script></body></html>\n");
     } else {
       output.append("chartTitle=\"<center>" + this.title + "</center>\";");

Modified: hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/DatasetMapper.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/DatasetMapper.java?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/DatasetMapper.java (original)
+++ hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/DatasetMapper.java Tue Mar 31 01:02:36 2009
@@ -115,7 +115,7 @@
                 }
                 data.put(label, tmp);
               } else {
-                double current = rs.getDouble(3);
+                double current = rs.getDouble(j);
                 if (current > max) {
                   max = current;
                 }

Modified: hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Iframe.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Iframe.java?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Iframe.java (original)
+++ hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Iframe.java Tue Mar 31 01:02:36 2009
@@ -9,34 +9,41 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-public class Iframe extends HttpServlet {
+import org.apache.hadoop.chukwa.util.XssFilter;
 
+public class Iframe extends HttpServlet {
+  public static final long serialVersionUID = 100L;
   private String id;
   private String height = "100%";
+  private XssFilter xf = null;
 
   public void doGet(HttpServletRequest request, HttpServletResponse response)
       throws IOException, ServletException {
-    if (request.getParameter("boxId") != null) {
-      this.id = request.getParameter("boxId");
+    xf = new XssFilter(request);
+    if (xf.getParameter("boxId") != null) {
+      this.id = xf.getParameter("boxId");
     } else {
       this.id = "0";
     }
-    response.setHeader("boxId", request.getParameter("boxId"));
+    response.setContentType("text/html; chartset=UTF-8//IGNORE");
+    response.setHeader("boxId", xf.getParameter("boxId"));
     PrintWriter out = response.getWriter();
     StringBuffer source = new StringBuffer();
-    String requestURL = request.getRequestURL().toString().replaceFirst(
-        "iframe/", "");
+    String requestURL = request.getRequestURL().toString().replaceFirst("iframe/", "");
+    if(requestURL.indexOf("/hicc")!=-1) {
+       requestURL = requestURL.substring(requestURL.indexOf("/hicc"));
+    }
     source.append(requestURL);
     source.append("?");
     Enumeration names = request.getParameterNames();
     while (names.hasMoreElements()) {
-      String key = (String) names.nextElement();
-      String[] values = request.getParameterValues(key);
+      String key = xf.filter((String) names.nextElement());
+      String[] values = xf.getParameterValues(key);
       for (int i = 0; i < values.length; i++) {
         source.append(key + "=" + values[i] + "&");
       }
       if (key.toLowerCase().intern() == "height".intern()) {
-        height = request.getParameter(key);
+        height = xf.getParameter(key);
       }
     }
     out.println("<html><body><iframe id=\"iframe" + this.id + "\" " + "src=\""

Modified: hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/JSONLoader.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/JSONLoader.java?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/JSONLoader.java (original)
+++ hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/JSONLoader.java Tue Mar 31 01:02:36 2009
@@ -55,7 +55,7 @@
     String buffer = getContents(source);
     try {
       JSONObject rows = new JSONObject(buffer);
-      jsonData = new JSONArray((String) rows.get("rows").toString());
+      jsonData = new JSONArray(rows.get("rows").toString());
     } catch (JSONException e) {
     }
   }
@@ -63,7 +63,7 @@
   public String getTS(int i) {
     String ts = null;
     try {
-      ts = ((JSONObject) ((JSONArray) jsonData).get(i)).get("ts").toString();
+      ts = ((JSONObject) jsonData.get(i)).get("ts").toString();
     } catch (JSONException e) {
     }
     return ts;
@@ -72,7 +72,7 @@
   public String getTags(int i) {
     String tags = null;
     try {
-      tags = ((JSONObject) ((JSONArray) jsonData).get(i)).get("tags")
+      tags = ((JSONObject) jsonData.get(i)).get("tags")
           .toString();
     } catch (JSONException e) {
     }
@@ -82,7 +82,7 @@
   public String getValue(int i) {
     String value = null;
     try {
-      value = ((JSONObject) ((JSONArray) jsonData).get(i)).get("value")
+      value = ((JSONObject) jsonData.get(i)).get("value")
           .toString();
     } catch (JSONException e) {
     }
@@ -90,6 +90,6 @@
   }
 
   public int length() {
-    return ((JSONArray) jsonData).length();
+    return jsonData.length();
   }
 }

Modified: hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/TimeHandler.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/TimeHandler.java?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/TimeHandler.java (original)
+++ hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/TimeHandler.java Tue Mar 31 01:02:36 2009
@@ -20,6 +20,9 @@
 
 
 import javax.servlet.http.*;
+
+import org.apache.hadoop.chukwa.util.XssFilter;
+
 import java.util.Calendar;
 import java.util.TimeZone;
 import java.text.SimpleDateFormat;
@@ -38,7 +41,8 @@
   private String endMin = null;
   private String startS = null;
   private String endS = null;
-
+  private XssFilter xf = null;
+  
   public TimeHandler(HttpServletRequest request) {
     this.tz = TimeZone.getTimeZone("UTC");
     init(request);
@@ -54,6 +58,7 @@
   }
 
   public void init(HttpServletRequest request) {
+    xf = new XssFilter(request);
     Calendar now = Calendar.getInstance();
     this.session = request.getSession();
     this.request = request;
@@ -71,7 +76,7 @@
       session.setAttribute("end", "" + end);
     } else if (request.getParameter("period") != null
         && !request.getParameter("period").equals("")) {
-      String period = request.getParameter("period");
+      String period = xf.getParameter("period");
       this.start = now.getTimeInMillis();
       this.end = now.getTimeInMillis();
       if (period.equals("last1hr")) {

Modified: hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Views.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Views.java?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Views.java (original)
+++ hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Views.java Tue Mar 31 01:02:36 2009
@@ -25,8 +25,8 @@
 
 public class Views {
   public JSONArray viewsData;
-  private String path = System.getProperty("catalina.home")
-      + "/webapps/hicc/views/workspace_view_list.cache";
+  private String path = System.getenv("CHUKWA_DATA_DIR")
+      + "/views/workspace_view_list.cache";
 
   static public String getContents(File aFile) {
     // ...checks on aFile are elided
@@ -69,7 +69,7 @@
   public String getOwner(int i) {
     String owner = null;
     try {
-      owner = ((JSONObject) ((JSONArray) viewsData).get(i)).get("owner")
+      owner = ((JSONObject) viewsData.get(i)).get("owner")
           .toString();
     } catch (JSONException e) {
     }
@@ -79,7 +79,7 @@
   public Iterator getPermission(int i) {
     Iterator permission = null;
     try {
-      permission = ((JSONObject) ((JSONObject) ((JSONArray) viewsData).get(i))
+      permission = ((JSONObject) ((JSONObject) viewsData.get(i))
           .get("permission")).keys();
     } catch (JSONException e) {
     }
@@ -89,8 +89,10 @@
   public String getReadPermission(int i, String who) {
     String read = null;
     try {
-      read = ((JSONObject) ((JSONObject) ((JSONObject) ((JSONArray) viewsData)
-          .get(i)).get("permission")).get(who)).get("read").toString();
+      JSONObject view = (JSONObject) viewsData.get(i);
+      JSONObject permission = (JSONObject) view.get("permission");
+      JSONObject user = (JSONObject) permission.get(who);
+      read = user.get("read").toString();
     } catch (JSONException e) {
     }
     return read;
@@ -99,8 +101,7 @@
   public String getWritePermission(int i, String who) {
     String write = null;
     try {
-      write = ((JSONObject) ((JSONObject) ((JSONObject) ((JSONArray) viewsData)
-          .get(i)).get("permission")).get(who)).get("write").toString();
+      write = ((JSONObject) ((JSONObject) ((JSONObject) viewsData.get(i)).get("permission")).get(who)).get("write").toString();
     } catch (JSONException e) {
     }
     return write;
@@ -109,7 +110,7 @@
   public String getDescription(int i) {
     String description = null;
     try {
-      description = ((JSONObject) ((JSONArray) viewsData).get(i)).get(
+      description = ((JSONObject) viewsData.get(i)).get(
           "description").toString();
     } catch (JSONException e) {
     }
@@ -119,13 +120,13 @@
   public String getKey(int i) {
     String key = null;
     try {
-      key = ((JSONObject) ((JSONArray) viewsData).get(i)).get("key").toString();
+      key = ((JSONObject) viewsData.get(i)).get("key").toString();
     } catch (JSONException e) {
     }
     return key;
   }
 
   public int length() {
-    return ((JSONArray) viewsData).length();
+    return viewsData.length();
   }
 }

Modified: hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Workspace.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Workspace.java?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Workspace.java (original)
+++ hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/hicc/Workspace.java Tue Mar 31 01:02:36 2009
@@ -24,19 +24,23 @@
 import javax.servlet.*;
 import javax.servlet.http.*;
 import java.sql.*;
+
+import org.apache.hadoop.chukwa.util.XssFilter;
 import org.json.*;
 
 public class Workspace extends HttpServlet {
-
-  private String path = System.getProperty("catalina.home") + "/webapps/hicc";
+  public static final long serialVersionUID = 101L;
+  private String path = System.getenv("CHUKWA_DATA_DIR");
   private JSONObject hash = new JSONObject();
   private String user = "admin";
+  private XssFilter xf = null;
 
   public void doGet(HttpServletRequest request, HttpServletResponse response)
       throws IOException, ServletException {
-    response.setContentType("text/html");
+    xf = new XssFilter(request);
+    response.setContentType("text/plain");
     PrintWriter out = response.getWriter();
-    String method = request.getParameter("method");
+    String method = xf.getParameter("method");
     if (method.equals("get_views_list")) {
       getViewsList(request, response);
     }
@@ -108,8 +112,8 @@
   public void cloneView(HttpServletRequest request, HttpServletResponse response)
       throws IOException, ServletException {
     PrintWriter out = response.getWriter();
-    String name = request.getParameter("name");
-    String template = request.getParameter("clone_name");
+    String name = xf.getParameter("name");
+    String template = xf.getParameter("clone_name");
     File aFile = new File(path + "/views/" + template);
     String config = getContents(aFile);
     int i = 0;
@@ -138,7 +142,7 @@
   public void deleteView(HttpServletRequest request,
       HttpServletResponse response) throws IOException, ServletException {
     PrintWriter out = response.getWriter();
-    String name = request.getParameter("name");
+    String name = xf.getParameter("name");
     File aFile = new File(path + "/views/" + name + ".view");
     aFile.delete();
     File deleteCache = new File(path + "/views/workspace_view_list.cache");
@@ -149,7 +153,7 @@
   public void getViewsList(HttpServletRequest request,
       HttpServletResponse response) throws IOException, ServletException {
     PrintWriter out = response.getWriter();
-    String format = request.getParameter("format");
+    String format = xf.getParameter("format");
     File aFile = new File(path + "/views/workspace_view_list.cache");
     String viewsCache = getContents(aFile);
     out.println(viewsCache);
@@ -158,7 +162,7 @@
   public void getView(HttpServletRequest request, HttpServletResponse response)
       throws IOException, ServletException {
     PrintWriter out = response.getWriter();
-    String id = request.getParameter("id");
+    String id = xf.getParameter("id");
     genViewCache(path + "/views");
     File aFile = new File(path + "/views/" + id + ".view");
     String view = getContents(aFile);
@@ -168,7 +172,7 @@
   public void changeViewInfo(HttpServletRequest request,
       HttpServletResponse response) throws IOException, ServletException {
     PrintWriter out = response.getWriter();
-    String id = request.getParameter("name");
+    String id = xf.getParameter("name");
     String config = request.getParameter("config");
     try {
       JSONObject jt = new JSONObject(config);
@@ -192,7 +196,7 @@
   public void saveView(HttpServletRequest request, HttpServletResponse response)
       throws IOException, ServletException {
     PrintWriter out = response.getWriter();
-    String id = request.getParameter("name");
+    String id = xf.getParameter("name");
     String config = request.getParameter("config");
     File aFile = new File(path + "/views/" + id + ".view");
     setContents(path + "/views/" + id + ".view", config);
@@ -202,7 +206,7 @@
   public void getWidgetList(HttpServletRequest request,
       HttpServletResponse response) throws IOException, ServletException {
     PrintWriter out = response.getWriter();
-    String format = request.getParameter("format");
+    String format = xf.getParameter("format");
     genWidgetCache(path + "/descriptors");
     File aFile = new File(path + "/descriptors/workspace_plugin.cache");
     String viewsCache = getContents(aFile);

Added: hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/util/XssFilter.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/util/XssFilter.java?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/util/XssFilter.java (added)
+++ hadoop/chukwa/trunk/src/java/org/apache/hadoop/chukwa/util/XssFilter.java Tue Mar 31 01:02:36 2009
@@ -0,0 +1,41 @@
+package org.apache.hadoop.chukwa.util;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import com.josephoconnell.html.HTMLInputFilter;
+
+public class XssFilter {
+  private HttpServletRequest request = null;
+  private static Log log = LogFactory.getLog(XssFilter.class);
+    public XssFilter() {
+    }
+
+    public XssFilter(HttpServletRequest request) {
+      this.request = request;
+    }
+    
+    public String getParameter(String key) {
+      return filter(this.request.getParameter(key));
+    }
+    
+    public String[] getParameterValues(String key) {
+      String[] values = this.request.getParameterValues(key);
+      if(values!=null) {
+        for(int i=0;i<values.length;i++) {
+          values[i] = filter(values[i]);
+        }
+      }
+      return values;
+    }
+    
+    public String filter( String input ) {
+        if(input==null) {
+            return null;
+        }
+        String clean = new HTMLInputFilter().filter( input.replaceAll("\"", "%22").replaceAll("\'","%27"));
+        return clean.replaceAll("<", "%3C").replaceAll(">", "%3E");
+    }
+}

Added: hadoop/chukwa/trunk/src/test/org/apache/hadoop/chukwa/util/TestXSSFilter.java
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/test/org/apache/hadoop/chukwa/util/TestXSSFilter.java?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/test/org/apache/hadoop/chukwa/util/TestXSSFilter.java (added)
+++ hadoop/chukwa/trunk/src/test/org/apache/hadoop/chukwa/util/TestXSSFilter.java Tue Mar 31 01:02:36 2009
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.hadoop.chukwa.util;
+
+
+import junit.framework.TestCase;
+
+public class TestXSSFilter extends TestCase {
+
+  public void testFilter() {
+    XssFilter xss = new XssFilter();
+    String xssTest = "<XSS>";
+    String xssFiltered = xss.filter(xssTest);
+    assertEquals(xssFiltered, "");
+    xssTest = "\'\';!--\"<XSS>=&{()}";
+    xssFiltered = xss.filter(xssTest);
+    assertEquals(xssFiltered, "&amp;{()}");
+    xssTest = "<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\">";
+    xssFiltered = xss.filter(xssTest);
+    assertEquals(xssFiltered, "%3Cimg /%3Ealert(%22XSS%22)");
+  }
+}

Added: hadoop/chukwa/trunk/src/web/hicc/css/images/navbar-selected.gif
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/css/images/navbar-selected.gif?rev=760281&view=auto
==============================================================================
Binary file - no diff available.

Propchange: hadoop/chukwa/trunk/src/web/hicc/css/images/navbar-selected.gif
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: hadoop/chukwa/trunk/src/web/hicc/css/images/titlebar.gif
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/css/images/titlebar.gif?rev=760281&view=auto
==============================================================================
Binary file - no diff available.

Propchange: hadoop/chukwa/trunk/src/web/hicc/css/images/titlebar.gif
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"cluster-disk",
 "title":"Cluster Disk Statistics",
 "version":"0.1",
-"categories":"System,Disk,Status",
+"categories":"System Metrics,Cluster,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display cluster disk related statistics",
 "screendump":"\/images\/server_load.gif",

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk_pcnt.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk_pcnt.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk_pcnt.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_disk_pcnt.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"cluster-disk-pcnt",
 "title":"Cluster Disk Statistics By Percentage",
 "version":"0.1",
-"categories":"System,Disk,Status",
+"categories":"System Metrics,Cluster,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display cluster disk related statistics",
 "screendump":"\/images\/server_load.gif",

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"cluster_metrics",
 "title":"Cluster Metrics",
 "version":"0.1",
-"categories":"System,Status",
+"categories":"System Metrics,Cluster,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display cluster related stats",
 "screendump":"\/images\/server_load.gif",
@@ -22,6 +22,7 @@
 {"label":"Last 30 Days","value":"last30d"}
 ]},
 {"name":"metric","type":"select_multiple","value":"load_15","label":"Metric","options":[
+{"label":"Reporting Hosts","value":"host"},
 {"label":"load_15","value":"load_15"},
 {"label":"load_5","value":"load_5"},
 {"label":"load_1","value":"load_1"},

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics_pcnt.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics_pcnt.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics_pcnt.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/cluster_metrics_pcnt.descriptor Tue Mar 31 01:02:36 2009
@@ -1,8 +1,8 @@
 {
 "id":"cluster_metrics_pcnt",
-"title":"Cluster Metrics by Percentage",
+"title":"Cluster Metrics By Percentage",
 "version":"0.1",
-"categories":"System,Status",
+"categories":"System Metrics,Cluster,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display cluster related stats by percentage",
 "screendump":"\/images\/server_load.gif",

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/debug.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/debug.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/debug.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/debug.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"debug",
 "title":"Session Debugger",
 "version":"0.1",
-"categories":"Global,Utilities",
+"categories":"Developer,Utilities",
 "module":"jsp\/debug.jsp",
 "description":"Display session stats",
 "refresh":"15",

Added: hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_counter.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_counter.descriptor?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_counter.descriptor (added)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_counter.descriptor Tue Mar 31 01:02:36 2009
@@ -0,0 +1,72 @@
+{
+"id":"dfs_datanode_counter",
+"title":"Data Node Metrics By Counter",
+"version":"0.1",
+"categories":"Hadoop,Data Node,Status",
+"module":"iframe/jsp/single-series-chart-javascript.jsp",
+"description":"Display HDFS data node stats by accumulated values",
+"screendump":"\/images\/server_load.gif",
+"refresh":"15",
+"parameters":[
+{"name":"table","type":"string","value":"dfs_datanode","edit":"0"},
+{"name":"normalize_time","type":"string","value":"true","edit":"0"},
+{"name":"find_slope","type":"string","value":"true","edit":"0"},
+{"name":"group_items","type":"string","value":"hosts","edit":"0"},
+{"name":"group","type":"string","value":"host","edit":"0"},
+{"name":"period","type":"select","value":"","label":"Period","options":[
+{"label":"Use Time Widget","value":""},
+{"label":"Last 1 Hour","value":"last1hr"},
+{"label":"Last 2 Hours","value":"last2hr"},
+{"label":"Last 3 Hours","value":"last3hr"},
+{"label":"Last 6 Hours","value":"last6hr"},
+{"label":"Last 12 Hours","value":"last12hr"},
+{"label":"Last 24 Hours","value":"last24hr"},
+{"label":"Yesterday","value":"yesterday"},
+{"label":"Last 7 Days","value":"last7d"},
+{"label":"Last 30 Days","value":"last30d"}
+]},
+{"name":"metric","type":"select_multiple","value":"bytes_read","label":"Metric","options":[
+{"label":"block_reports_num_ops","value":"block_reports_num_ops"}, 
+{"label":"block_verification_failures","value":"block_verification_failures"}, 
+{"label":"blocks_read","value":"blocks_read"}, 
+{"label":"blocks_removed","value":"blocks_removed"}, 
+{"label":"blocks_replicated","value":"blocks_replicated"}, 
+{"label":"blocks_verified","value":"blocks_verified"}, 
+{"label":"blocks_written","value":"blocks_written"}, 
+{"label":"bytes_read","value":"bytes_read"}, 
+{"label":"bytes_written","value":"bytes_written"}, 
+{"label":"copy_block_op_num_ops","value":"copy_block_op_num_ops"}, 
+{"label":"heart_beats_num_ops","value":"heart_beats_num_ops"}, 
+{"label":"read_block_op_num_ops","value":"read_block_op_num_ops"}, 
+{"label":"read_metadata_op_num_ops","value":"read_metadata_op_num_ops"}, 
+{"label":"reads_from_local_client","value":"reads_from_local_client"}, 
+{"label":"reads_from_remote_client","value":"reads_from_remote_client"}, 
+{"label":"replace_block_op_num_ops","value":"replace_block_op_num_ops"}, 
+{"label":"write_block_op_num_ops","value":"write_block_op_num_ops"}, 
+{"label":"writes_from_local_client","value":"writes_from_local_client"}, 
+{"label":"writes_from_remote_client","value":"writes_from_remote_client"} 
+]},
+{"name":"width","type":"select","value":"300","label":"Width","options":[
+{"label":"300","value":"300"},
+{"label":"400","value":"400"},
+{"label":"500","value":"500"},
+{"label":"600","value":"600"},
+{"label":"800","value":"800"},
+{"label":"1200","value":"1200"}
+]},
+{"name":"height","type":"select","value":"200","label":"Height","options":[
+{"label":"200","value":"200"},
+{"label":"400","value":"400"},
+{"label":"600","value":"600"},
+{"label":"1000","value":"1000"}
+]},
+{"name":"legend","type":"radio","value":"on","label":"Show Legends","options":[
+{"label":"On","value":"on"},
+{"label":"Off","value":"off"}
+]},
+{"name":"render","type":"select","value":"stack-area","label":"Chart Type","options":[
+{"label":"Line Chart","value":"line"},
+{"label":"Stacked Area Chart","value":"stack-area"}
+]}
+]
+}

Added: hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_rate.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_rate.descriptor?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_rate.descriptor (added)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_datanode_rate.descriptor Tue Mar 31 01:02:36 2009
@@ -0,0 +1,55 @@
+{
+"id":"dfs_datanode_rate",
+"title":"Data Node Metrics By Rate",
+"version":"0.1",
+"categories":"Hadoop,Data Node,Status",
+"module":"iframe/jsp/single-series-chart-javascript.jsp",
+"description":"Display HDFS data node stats",
+"screendump":"\/images\/server_load.gif",
+"refresh":"15",
+"parameters":[
+{"name":"table","type":"string","value":"dfs_datanode","edit":"0"},
+{"name":"normalize_time","type":"string","value":"true","edit":"0"},
+{"name":"group_items","type":"string","value":"hosts","edit":"0"},
+{"name":"group","type":"string","value":"host","edit":"0"},
+{"name":"period","type":"select","value":"","label":"Period","options":[
+{"label":"Use Time Widget","value":""},
+{"label":"Last 1 Hour","value":"last1hr"},
+{"label":"Last 2 Hours","value":"last2hr"},
+{"label":"Last 3 Hours","value":"last3hr"},
+{"label":"Last 6 Hours","value":"last6hr"},
+{"label":"Last 12 Hours","value":"last12hr"},
+{"label":"Last 24 Hours","value":"last24hr"},
+{"label":"Yesterday","value":"yesterday"},
+{"label":"Last 7 Days","value":"last7d"},
+{"label":"Last 30 Days","value":"last30d"}
+]},
+{"name":"metric","type":"select_multiple","value":"heart_beats_avg_time","label":"Metric","options":[
+{"label":"block_reports_avg_time","value":"block_reports_avg_time"}, 
+{"label":"copy_block_op_avg_time","value":"copy_block_op_avg_time"}, 
+{"label":"heart_beats_avg_time","value":"heart_beats_avg_time"}, 
+{"label":"read_block_op_avg_time","value":"read_block_op_avg_time"}, 
+{"label":"read_metadata_op_avg_time","value":"read_metadata_op_avg_time"}, 
+{"label":"replace_block_op_avg_time","value":"replace_block_op_avg_time"}, 
+{"label":"write_block_op_avg_time","value":"write_block_op_avg_time"}
+]},
+{"name":"width","type":"select","value":"300","label":"Width","options":[
+{"label":"300","value":"300"},
+{"label":"400","value":"400"},
+{"label":"500","value":"500"},
+{"label":"600","value":"600"},
+{"label":"800","value":"800"},
+{"label":"1200","value":"1200"}
+]},
+{"name":"height","type":"select","value":"200","label":"Height","options":[
+{"label":"200","value":"200"},
+{"label":"400","value":"400"},
+{"label":"600","value":"600"},
+{"label":"1000","value":"1000"}
+]},
+{"name":"legend","type":"radio","value":"on","label":"Show Legends","options":[
+{"label":"On","value":"on"},
+{"label":"Off","value":"off"}
+]}
+]
+}

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_fsnamesystem.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_fsnamesystem.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_fsnamesystem.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_fsnamesystem.descriptor Tue Mar 31 01:02:36 2009
@@ -1,6 +1,6 @@
 {
 "id":"dfs_fsnamesystem",
-"title":"DFS FS Name System Metrics",
+"title":"HDFS FS Name System Metrics",
 "version":"0.1",
 "categories":"Hadoop,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",

Added: hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_counter.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_counter.descriptor?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_counter.descriptor (added)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_counter.descriptor Tue Mar 31 01:02:36 2009
@@ -0,0 +1,49 @@
+{
+"id":"dfs_namenode_counter",
+"title":"Name Node Metrics By Counter",
+"version":"0.1",
+"categories":"Hadoop,Name Node,Status",
+"module":"iframe/jsp/single-series-chart-javascript.jsp",
+"description":"Display hadoop name node stats by accumulated values",
+"screendump":"\/images\/server_load.gif",
+"refresh":"15",
+"parameters":[
+{"name":"find_slope","type":"string","value":"true","edit":"0"},
+{"name":"table","type":"string","value":"dfs_namenode","edit":"0"},
+{"name":"group_override","type":"string","value":"host","edit":"0"},
+{"name":"group","type":"string","value":"host","edit":"0"},
+{"name":"period","type":"select","value":"","label":"Period","options":[
+{"label":"Use Time Widget","value":""},
+{"label":"Last 1 Hour","value":"last1hr"},
+{"label":"Last 2 Hours","value":"last2hr"},
+{"label":"Last 3 Hours","value":"last3hr"},
+{"label":"Last 6 Hours","value":"last6hr"},
+{"label":"Last 12 Hours","value":"last12hr"},
+{"label":"Last 24 Hours","value":"last24hr"},
+{"label":"Yesterday","value":"yesterday"},
+{"label":"Last 7 Days","value":"last7d"},
+{"label":"Last 30 Days","value":"last30d"}
+]},
+{"name":"metric","type":"select_multiple","value":"files_created","label":"Metric","options":[
+{"label":"add_block_ops","value":"add_block_ops"},                            
+{"label":"create_file_ops","value":"create_file_ops"},         
+{"label":"delete_file_ops","value":"delete_file_ops"},
+{"label":"files_created","value":"files_created"},
+{"label":"files_renamed","value":"files_renamed"},
+{"label":"files_deleted","value":"files_deleted"},
+{"label":"get_block_locations","value":"get_block_locations"},
+{"label":"get_listing_ops","value":"get_listing_ops"},
+{"label":"syncs_num_ops","value":"syncs_num_ops"},
+{"label":"transactions_num_ops","value":"transactions_num_ops"},
+{"label":"block_report_num_ops","value":"block_report_num_ops"}
+]},
+{"name":"legend","type":"radio","value":"on","label":"Show Legends","options":[
+{"label":"On","value":"on"},
+{"label":"Off","value":"off"}
+]},
+{"name":"render","type":"select","value":"stack-area","label":"Chart Type","options":[
+{"label":"Line Chart","value":"line"},
+{"label":"Stacked Area Chart","value":"stack-area"}
+]}
+]
+}

Added: hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_rate.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_rate.descriptor?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_rate.descriptor (added)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_namenode_rate.descriptor Tue Mar 31 01:02:36 2009
@@ -0,0 +1,39 @@
+{
+"id":"dfs_namenode_rate",
+"title":"Name Node Metrics By Rate",
+"version":"0.1",
+"categories":"Hadoop,Name Node,Status",
+"module":"iframe/jsp/single-series-chart-javascript.jsp",
+"description":"Display hadoop name node related stats",
+"screendump":"\/images\/server_load.gif",
+"refresh":"15",
+"parameters":[
+{"name":"group_override","type":"string","value":"host","edit":"0"},
+{"name":"group","type":"string","value":"host","edit":"0"},
+{"name":"table","type":"string","value":"dfs_namenode","edit":"0"},
+{"name":"period","type":"select","value":"","label":"Period","options":[
+{"label":"Use Time Widget","value":""},
+{"label":"Last 1 Hour","value":"last1hr"},
+{"label":"Last 2 Hours","value":"last2hr"},
+{"label":"Last 3 Hours","value":"last3hr"},
+{"label":"Last 6 Hours","value":"last6hr"},
+{"label":"Last 12 Hours","value":"last12hr"},
+{"label":"Last 24 Hours","value":"last24hr"},
+{"label":"Yesterday","value":"yesterday"},
+{"label":"Last 7 Days","value":"last7d"},
+{"label":"Last 30 Days","value":"last30d"}
+]},
+{"name":"metric","type":"select_multiple","value":"block_report_avg_time","label":"Metric","options":[
+{"label":"blocks_corrupted","value":"blocks_corrupted"},
+{"label":"safe_mode_time","value":"safe_mode_time"},
+{"label":"syncs_avg_time","value":"syncs_avg_time"},
+{"label":"transactions_avg_time","value":"transactions_avg_time"},
+{"label":"block_report_avg_time","value":"block_report_avg_time"},
+{"label":"fs_image_load_time","value":"fs_image_load_time"}
+]},
+{"name":"legend","type":"radio","value":"on","label":"Show Legends","options":[
+{"label":"On","value":"on"},
+{"label":"Off","value":"off"}
+]}
+]
+}

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_throughput.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_throughput.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_throughput.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/dfs_throughput.descriptor Tue Mar 31 01:02:36 2009
@@ -1,15 +1,14 @@
 {
-"id":"dfs_throughput",
-"title":"DFS Throughput Metrics",
+"id":"dfs_throughput_rate",
+"title":"HDFS Throughput Metrics",
 "version":"0.1",
 "categories":"Hadoop,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
-"description":"Display DFS throughput stats",
+"description":"Display HDFS cluster throughput stats by rate values",
 "screendump":"\/images\/server_load.gif",
 "refresh":"15",
 "parameters":[
 {"name":"table","type":"string","value":"dfs_throughput","edit":"0"},
-{"name":"find_slope","type":"string","value":"true","edit":"0"},
 {"name":"period","type":"select","value":"","label":"Period","options":[
 {"label":"Use Time Widget","value":""},
 {"label":"Last 1 Hour","value":"last1hr"},
@@ -22,9 +21,8 @@
 {"label":"Last 7 Days","value":"last7d"},
 {"label":"Last 30 Days","value":"last30d"}
 ]},
-{"name":"metric","type":"select_multiple","value":"bytes_read","label":"Metric","options":[
-{"label":"hosts","value":"hosts"},                            
-{"label":"block_reports_avg_time","value":"block_reports_avg_time"},                            
+{"name":"metric","type":"select_multiple","value":"heart_beats_avg_time","label":"Metric","options":[
+{"label":"hosts","value":"hosts"},
 {"label":"block_reports_num_ops","value":"block_reports_num_ops"},
 {"label":"block_verification_failures","value":"block_verification_failures"},
 {"label":"blocks_read","value":"blocks_read"},
@@ -34,22 +32,23 @@
 {"label":"blocks_written","value":"blocks_written"},
 {"label":"bytes_read","value":"bytes_read"},
 {"label":"bytes_written","value":"bytes_written"},
-{"label":"copy_block_op_avg_time","value":"copy_block_op_avg_time"},
 {"label":"copy_block_op_num_ops","value":"copy_block_op_num_ops"},
-{"label":"heart_beats_avg_time","value":"heart_beats_avg_time"},
 {"label":"heart_beats_num_ops","value":"heart_beats_num_ops"},
-{"label":"read_block_op_avg_time","value":"read_block_op_avg_time"},
 {"label":"read_block_op_num_ops","value":"read_block_op_num_ops"},
-{"label":"read_metadata_op_avg_time","value":"read_metadata_op_avg_time"},
 {"label":"read_metadata_op_num_ops","value":"read_metadata_op_num_ops"},
 {"label":"reads_from_local_client","value":"reads_from_local_client"},
 {"label":"reads_from_remote_client","value":"reads_from_remote_client"},
-{"label":"replace_block_op_avg_time","value":"replace_block_op_avg_time"},
 {"label":"replace_block_op_num_ops","value":"replace_block_op_num_ops"},
-{"label":"write_block_op_avg_time","value":"write_block_op_avg_time"},
 {"label":"write_block_op_num_ops","value":"write_block_op_num_ops"},
 {"label":"writes_from_local_client","value":"writes_from_local_client"},
-{"label":"writes_from_remote_client","value":"writes_from_remote_client"}
+{"label":"writes_from_remote_client","value":"writes_from_remote_client"},
+{"label":"block_reports_avg_time","value":"block_reports_avg_time"},                            
+{"label":"copy_block_op_avg_time","value":"copy_block_op_avg_time"},
+{"label":"heart_beats_avg_time","value":"heart_beats_avg_time"},
+{"label":"read_block_op_avg_time","value":"read_block_op_avg_time"},
+{"label":"read_metadata_op_avg_time","value":"read_metadata_op_avg_time"},
+{"label":"replace_block_op_avg_time","value":"replace_block_op_avg_time"},
+{"label":"write_block_op_avg_time","value":"write_block_op_avg_time"}
 ]},
 {"name":"legend","type":"radio","value":"on","label":"Show Legends","options":[
 {"label":"On","value":"on"},

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/disk.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/disk.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/disk.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/disk.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"disk",
 "title":"Disk Statistics",
 "version":"0.1",
-"categories":"System,Disk,Status",
+"categories":"System Metrics,Server,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display disk related statistics",
 "screendump":"\/images\/server_load.gif",

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/disk_pcnt.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/disk_pcnt.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/disk_pcnt.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/disk_pcnt.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"disk-pcnt",
 "title":"Disk Statistics By Percentage",
 "version":"0.1",
-"categories":"System,Disk,Status",
+"categories":"System Metrics,Server,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display disk related statistics",
 "screendump":"\/images\/server_load.gif",

Added: hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_counter.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_counter.descriptor?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_counter.descriptor (added)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_counter.descriptor Tue Mar 31 01:02:36 2009
@@ -0,0 +1,57 @@
+{
+"id":"hadoop_jvm_counter",
+"title":"JVM Metrics By Counter",
+"version":"0.1",
+"categories":"Hadoop,Java Virtual Machine,Status",
+"module":"iframe/jsp/single-series-chart-javascript.jsp",
+"description":"Display Java virtual machine metrics for Hadoop",
+"screendump":"\/images\/server_load.gif",
+"refresh":"15",
+"parameters":[
+{"name":"table","type":"string","value":"hadoop_jvm","edit":"0"},
+{"name":"find_slope","type":"string","value":"true","edit":"0"},
+{"name":"group_override","type":"string","value":"concat(host,' ',process_name) as process","edit":"0"},
+{"name":"group","type":"string","value":"host","edit":"0"},
+{"name":"group_items","type":"string","value":"hosts","edit":"0"},
+{"name":"period","type":"select","value":"","label":"Period","options":[
+{"label":"Use Time Widget","value":""},
+{"label":"Last 1 Hour","value":"last1hr"},
+{"label":"Last 2 Hours","value":"last2hr"},
+{"label":"Last 3 Hours","value":"last3hr"},
+{"label":"Last 6 Hours","value":"last6hr"},
+{"label":"Last 12 Hours","value":"last12hr"},
+{"label":"Last 24 Hours","value":"last24hr"},
+{"label":"Yesterday","value":"yesterday"},
+{"label":"Last 7 Days","value":"last7d"},
+{"label":"Last 30 Days","value":"last30d"}
+]},
+{"name":"metric","type":"select","value":"gc_timemillis","label":"Metric","options":[
+{"label":"gc_timemillis","value":"gc_timemillis"},
+{"label":"gc_count","value":"gc_count"},
+{"label":"log_error","value":"log_error"},
+{"label":"log_fatal","value":"log_fatal"},
+{"label":"log_info","value":"log_info"},
+{"label":"log_warn","value":"log_warn"}
+]},
+{"name":"width","type":"select","value":"300","label":"Width","options":[
+{"label":"300","value":"300"},
+{"label":"400","value":"400"},
+{"label":"500","value":"500"},
+{"label":"600","value":"600"},
+{"label":"800","value":"800"},
+{"label":"1000","value":"1000"},
+{"label":"1200","value":"1200"}
+]},
+{"name":"height","type":"select","value":"200","label":"Height","options":[
+{"label":"200","value":"200"},
+{"label":"400","value":"400"},
+{"label":"600","value":"600"},
+{"label":"800","value":"800"},
+{"label":"1000","value":"1000"}
+]},
+{"name":"legend","type":"radio","value":"on","label":"Show Legends","options":[
+{"label":"On","value":"on"},
+{"label":"Off","value":"off"}
+]}
+]
+}

Added: hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_rate.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_rate.descriptor?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_rate.descriptor (added)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/hadoop_jvm_rate.descriptor Tue Mar 31 01:02:36 2009
@@ -0,0 +1,61 @@
+{
+"id":"hadoop_jvm",
+"title":"JVM Metrics By Rate",
+"version":"0.1",
+"categories":"Hadoop,Java Virtual Machine,Status",
+"module":"iframe/jsp/single-series-chart-javascript.jsp",
+"description":"Display Java virtual machine metrics for Hadoop",
+"screendump":"\/images\/server_load.gif",
+"refresh":"15",
+"parameters":[
+{"name":"table","type":"string","value":"hadoop_jvm","edit":"0"},
+{"name":"normalize_time","type":"string","value":"true","edit":"0"},
+{"name":"group_override","type":"string","value":"concat(host,' ',process_name) as process","edit":"0"},
+{"name":"group","type":"string","value":"host","edit":"0"},
+{"name":"group_items","type":"string","value":"hosts","edit":"0"},
+{"name":"period","type":"select","value":"","label":"Period","options":[
+{"label":"Use Time Widget","value":""},
+{"label":"Last 1 Hour","value":"last1hr"},
+{"label":"Last 2 Hours","value":"last2hr"},
+{"label":"Last 3 Hours","value":"last3hr"},
+{"label":"Last 6 Hours","value":"last6hr"},
+{"label":"Last 12 Hours","value":"last12hr"},
+{"label":"Last 24 Hours","value":"last24hr"},
+{"label":"Yesterday","value":"yesterday"},
+{"label":"Last 7 Days","value":"last7d"},
+{"label":"Last 30 Days","value":"last30d"}
+]},
+{"name":"metric","type":"select","value":"threads_blocked","label":"Metric","options":[
+{"label":"mem_heap_committed_m","value":"mem_heap_committed_m"},
+{"label":"mem_heap_used_m","value":"mem_heap_used_m"},
+{"label":"mem_non_heap_committed_m","value":"mem_non_heap_committed_m"},
+{"label":"mem_non_heap_used_m","value":"mem_non_heap_used_m"},
+{"label":"threads_blocked","value":"threads_blocked"},
+{"label":"threads_new","value":"threads_new"},
+{"label":"threads_runnable","value":"threads_runnable"},
+{"label":"threads_terminated","value":"threads_terminated"},
+{"label":"threads_timed_waiting","value":"threads_timed_waiting"},
+{"label":"threads_waiting","value":"threads_waiting"},
+]},
+{"name":"width","type":"select","value":"300","label":"Width","options":[
+{"label":"300","value":"300"},
+{"label":"400","value":"400"},
+{"label":"500","value":"500"},
+{"label":"600","value":"600"},
+{"label":"800","value":"800"},
+{"label":"1000","value":"1000"},
+{"label":"1200","value":"1200"}
+]},
+{"name":"height","type":"select","value":"200","label":"Height","options":[
+{"label":"200","value":"200"},
+{"label":"400","value":"400"},
+{"label":"600","value":"600"},
+{"label":"800","value":"800"},
+{"label":"1000","value":"1000"}
+]},
+{"name":"legend","type":"radio","value":"on","label":"Show Legends","options":[
+{"label":"On","value":"on"},
+{"label":"Off","value":"off"}
+]}
+]
+}

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/node_activity_chart.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/node_activity_chart.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/node_activity_chart.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/node_activity_chart.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"node_activity_chart",
 "title":"Node Activity Graph",
 "version":"0.1",
-"categories":"System,Status",
+"categories":"Global,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display Node Activity Graph",
 "screendump":"\/images\/server_load.gif",

Added: hadoop/chukwa/trunk/src/web/hicc/descriptors/sql_charter.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/sql_charter.descriptor?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/sql_charter.descriptor (added)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/sql_charter.descriptor Tue Mar 31 01:02:36 2009
@@ -0,0 +1,53 @@
+{
+"id":"sql_charter",
+"title":"SQL Charter",
+"version":"0.1",
+"categories":"Developer,Utility",
+"module":"iframe/jsp/single-series-chart-javascript.jsp",
+"description":"Display chart from SQL queries",
+"refresh":"0",
+"parameters":[
+{"name":"query","type":"text","value":"select host,max(load_1),min(load_1),avg(load_1) from system_metrics_2032_week where timestamp >='2008-12-13 17:30' and timestamp <= '2008-12-13 18:30' group by host","label":"Query","edit":"1"},
+{"name":"title","type":"string","label":"Title","value":"","edit":"1"},
+{"name":"x_axis_label","type":"string","value":"Hostname","edit":"0"},
+{"name":"period","type":"select","value":"","label":"Period","options":[
+{"label":"Use Time Widget","value":""},
+{"label":"Last 1 Hour","value":"last1hr"},
+{"label":"Last 2 Hours","value":"last2hr"},
+{"label":"Last 3 Hours","value":"last3hr"},
+{"label":"Last 6 Hours","value":"last6hr"},
+{"label":"Last 12 Hours","value":"last12hr"},
+{"label":"Last 24 Hours","value":"last24hr"},
+{"label":"Yesterday","value":"yesterday"},
+{"label":"Last 7 Days","value":"last7d"},
+{"label":"Last 30 Days","value":"last30d"}
+]},
+{"name":"width","type":"select","value":"300","label":"Width","options":[
+{"label":"300","value":"300"},
+{"label":"400","value":"400"},
+{"label":"500","value":"500"},
+{"label":"600","value":"600"},
+{"label":"800","value":"800"},
+{"label":"1000","value":"1000"},
+{"label":"1200","value":"1200"}
+]},
+{"name":"height","type":"select","value":"200","label":"Height","options":[
+{"label":"200","value":"200"},
+{"label":"400","value":"400"},
+{"label":"600","value":"600"},
+{"label":"800","value":"800"},
+{"label":"1000","value":"1000"}
+]},
+{"name":"legend","type":"radio","value":"on","label":"Show Legends","options":[
+{"label":"On","value":"on"},
+{"label":"Off","value":"off"}
+]},
+{"name":"render","type":"select","value":"stack-area","label":"Chart Type","options":[
+{"label":"Area","value":"area"},
+{"label":"Bar","value":"bar"},
+{"label":"Line Chart","value":"line"},
+{"label":"Scatter Chart","value":"point"},
+{"label":"Stacked Area Chart","value":"stack-area"},
+]}
+]
+}

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"system_metrics",
 "title":"System Metrics",
 "version":"0.1",
-"categories":"System,Status",
+"categories":"System Metrics,Server,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display system related stats",
 "screendump":"\/images\/server_load.gif",
@@ -23,7 +23,7 @@
 {"label":"Last 7 Days","value":"last7d"},
 {"label":"Last 30 Days","value":"last30d"}
 ]},
-{"name":"metric","type":"select","value":"load_1","label":"Metric","options":[
+{"name":"metric","type":"select_multiple","value":"load_1","label":"Metric","options":[
 {"label":"15 minutes load average","value":"load_15"},
 {"label":"5 minutes load average","value":"load_5"},
 {"label":"1 minutes load average","value":"load_1"},

Modified: hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics_pcnt.descriptor
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics_pcnt.descriptor?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics_pcnt.descriptor (original)
+++ hadoop/chukwa/trunk/src/web/hicc/descriptors/system_metrics_pcnt.descriptor Tue Mar 31 01:02:36 2009
@@ -2,7 +2,7 @@
 "id":"system_metrics_pcnt",
 "title":"System Metrics By Percentage",
 "version":"0.1",
-"categories":"System,Status",
+"categories":"System Metrics,Server,Status",
 "module":"iframe/jsp/single-series-chart-javascript.jsp",
 "description":"Display system related stats by utilization percentage",
 "screendump":"\/images\/server_load.gif",
@@ -24,7 +24,7 @@
 {"label":"Last 7 Days","value":"last7d"},
 {"label":"Last 30 Days","value":"last30d"}
 ]},
-{"name":"metric","type":"select","value":"cpu_user_pcnt","label":"Metric","options":[
+{"name":"metric","type":"select_multiple","value":"cpu_user_pcnt","label":"Metric","options":[
 {"label":"CPU System %","value":"cpu_system_pcnt"},
 {"label":"CPU User %","value":"cpu_user_pcnt"},
 {"label":"CPU Idle %","value":"cpu_idle_pcnt"},

Modified: hadoop/chukwa/trunk/src/web/hicc/index.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/index.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/index.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/index.jsp Tue Mar 31 01:02:36 2009
@@ -17,8 +17,18 @@
  * limitations under the License.
  */
 %>
-<%@ page import = "javax.servlet.http.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.hicc.TimeHandler"  %>
+<%@ page import = "javax.servlet.http.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.regex.Pattern, java.util.regex.Matcher, java.util.*, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.hicc.TimeHandler, org.apache.hadoop.chukwa.util.XssFilter"  %>
 <%
+    XssFilter xf = new XssFilter(request);
+    for (Enumeration e = request.getParameterNames() ; e.hasMoreElements() ;) {
+        Pattern p = Pattern.compile("_session.(.*)");
+        String name = (String) e.nextElement();
+        Matcher matcher = p.matcher(name);
+        if(matcher.find()) {
+            String realName = matcher.group(1);
+            session.setAttribute(realName,request.getParameter(name));
+        }
+    }
     if(session.getAttribute("cluster")==null) {
         ClusterConfig cc = new ClusterConfig();
         Iterator ci = cc.getClusters();
@@ -28,7 +38,7 @@
     if(session.getAttribute("period")==null || session.getAttribute("start")==null || session.getAttribute("end")==null ||
        session.getAttribute("time_type")==null) {
         session.setAttribute("time_type","last");
-        session.setAttribute("period","last1hr");
+        session.setAttribute("period","last24hr");
         long now = Calendar.getInstance().getTime().getTime();
         session.setAttribute("start",now-(60*60*1000));
         session.setAttribute("end",now);
@@ -46,6 +56,7 @@
 <html><title>Hadoop Infrastructure Care Center</title>
 <body id="main_body">
 <div id="debug"></div>
+<div id="firefox-bug" style="display:none; position: absolute; top: 0px; left: 0px; width:100%; height:100%;z-index:100;opacity:0.7;"></div>
 <div id="shadow" class="shadow"> 
 <table width="100%" height="100%"><tr><td valign="center" align="middle">
 <table padding="20px">
@@ -80,6 +91,8 @@
 var _users_list=''; //'[% users_list_json %]'.evalJSON();
 var expanded_page=1;
 var need_save=0;
+var current_date = new Date();
+var last_hover=0;
 window.onbeforeunload = check_save;
 </script>
 <script type="text/javascript">
@@ -97,7 +110,7 @@
 </script>
 <input type=hidden name=cmd id=cmd value=1>
 <table width="100%" cellpadding=3 cellspacing=0>
-<tr><td nowrap><img src="images/chukwa.jpg" align="absmiddle"> Hadoop Infrastructure Care Center</td>
+<tr><td nowrap><img src="images/chukwa.jpg" align="absmiddle">Hadoop Infrastructure Care Center</td>
     <td align="left" nowrap class="portal_top_nav_bar" nowrap> </td></tr>
 </table>
 <table width="100%" cellpadding=0 cellspacing=0 class="menubar">
@@ -127,7 +140,7 @@
 </ul>
 </div>
 </td><td>
-</td><td align="right"><a href='#' onclick='toggle_view_all()' class='glossy_icon'><img id='view_all' src='/hicc/images/stop.png' border=0></a>  <a href='#' onclick='_currentView.getCurrentPage().refresh_all();' class='glossy_icon'><img src='/hicc/images/refresh.png' border=0></a>&nbsp;</div>
+</td><td align="right"><a href='#' onmouseover='javascript:build_permlink();' id='permlink' class='glossy_icon'><img id='permlink_icon' src='/hicc/images/server_link.png' border=0></a> <a href='#' onclick='toggle_view_all()' class='glossy_icon'><img id='view_all' src='/hicc/images/stop.png' border=0></a>  <a href='#' onclick='_currentView.getCurrentPage().refresh_all();' class='glossy_icon'><img src='/hicc/images/refresh.png' border=0></a>&nbsp;</div>
 </td></tr>
 </table>
 <table width="100%" cellpadding=0 cellspacing=0>
@@ -220,7 +233,7 @@
 <script>
 // initialize the script
 update_views_list();
-initScript('<% if(request.getParameter("view") != null) { out.print(request.getParameter("view")); } else { out.print("default"); } %>');
+initScript('<% if(request.getParameter("view") != null) { out.print(request.getParameter("view")); } else { out.print("default"); } %>',<% if (request.getParameter("_page")!=null) { out.print(request.getParameter("_page")); } else { out.print("0"); } %>);
 set_current_view('<% if(request.getParameter("view") != null) { out.print(request.getParameter("view")); } else { out.print("default"); } %>');
 $('shadow').style.display='none';
 

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/chart.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/chart.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/chart.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/chart.jsp Tue Mar 31 01:02:36 2009
@@ -17,8 +17,11 @@
  * limitations under the License.
  */
 %>
+<%@ page import = "org.apache.hadoop.chukwa.util.XssFilter"  %>
+
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   XssFilter = new XssFilter(request);
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
 <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
     pageEncoding="ISO-8859-1"%>

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/cluster_selector.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/cluster_selector.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/cluster_selector.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/cluster_selector.jsp Tue Mar 31 01:02:36 2009
@@ -17,15 +17,17 @@
  * limitations under the License.
  */
 %>
+<%@ page import = "javax.servlet.http.*, java.io.*, java.util.*, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.util.XssFilter"  %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   XssFilter xf = new XssFilter(request);
+   response.setContentType("text/html; chartset=UTF-8//IGNORE");
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
-<%@ page import = "javax.servlet.http.*, java.io.*, java.util.*, org.apache.hadoop.chukwa.hicc.ClusterConfig"  %>
-<% String boxId = request.getParameter("boxId"); %>
+<% String boxId = xf.getParameter("boxId"); %>
 Cluster
 <select id="<%= boxId %>cluster" name="<%= boxId %>cluster" class="formSelect">
 <%
-       String cluster=request.getParameter("cluster");
+       String cluster=xf.getParameter("cluster");
        if(cluster!=null && !cluster.equals("null")) {
            session.setAttribute("cluster",cluster);
        } else {

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/event2_viewer.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/event2_viewer.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/event2_viewer.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/event2_viewer.jsp Tue Mar 31 01:02:36 2009
@@ -17,17 +17,18 @@
  * limitations under the License.
  */
 %>
+<%@ page import = "java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.dao.*, org.apache.hadoop.chukwa.dao.database.*, org.apache.hadoop.chukwa.dao.hdfs.*, org.apache.hadoop.chukwa.util.XssFilter" %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   XssFilter xf = new XssFilter(request);
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
-<%@ page import = "java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.dao.*, org.apache.hadoop.chukwa.dao.database.*, org.apache.hadoop.chukwa.dao.hdfs.*" %>
 <% String filter=(String)session.getAttribute("filter");
    if(filter==null) {
        filter="";
    } %>
 <div style="height:300px;overflow:auto;">
-Filter: <input type="text" id="<%= request.getParameter("boxId") %>filter" name="<%= request.getParameter("boxId") %>filter" value="<%= filter %>" class="formInput">
-<input type="button" name="apply_filter" value="Filter" onClick="filter_event_viewer('<%= request.getParameter("boxId") %>');" class="formButton">
+Filter: <input type="text" id="<%= XssFilter.filter(request.getParameter("boxId")) %>filter" name="<%= XssFilter.filter(request.getParameter("boxId")) %>filter" value="<%= filter %>" class="formInput">
+<input type="button" name="apply_filter" value="Filter" onClick="filter_event_viewer('<%= XssFilter.filter(request.getParameter("boxId")) %>');" class="formButton">
 <table class="simple" width="100%">
 <tr>
 <th>Time</th>
@@ -37,7 +38,7 @@
         String cluster = (String) session.getAttribute("cluster");
         ClusterConfig cc = new ClusterConfig();
         String jdbc = cc.getURL(cluster);
-        String boxId=request.getParameter("boxId");
+        String boxId=XssFilter.filter(request.getParameter("boxId"));
         TimeHandler time = new TimeHandler(request);
         String startdate = time.getStartTimeText();
         String enddate = time.getEndTimeText();

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer.jsp Tue Mar 31 01:02:36 2009
@@ -17,11 +17,13 @@
  * limitations under the License.
  */
 %>
+<%@ page import = " org.apache.hadoop.chukwa.util.XssFilter" %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
-   if(request.getParameter("type").equals("list")) {
+   XssFilter xf = new XssFilter(request);
+   response.setHeader("boxId", xf.getParameter("boxId"));
+   if(xf.getParameter("type").equals("list")) {
 %>
-<IFRAME id="<%= request.getParameter("boxId") %>iframe" src="/hicc/jsp/event_viewer_helper.jsp?<%= request.getQueryString() %>" width="100%" frameborder="0" height="400" scrolling="no"></IFRAME>
+<IFRAME id="<%= xf.getParameter("boxId") %>iframe" src="/hicc/jsp/event_viewer_helper.jsp?<%= xf.filter(request.getQueryString()) %>" width="100%" frameborder="0" height="400" scrolling="no"></IFRAME>
 <% } else { %>
-<IFRAME id="<%= request.getParameter("boxId") %>iframe" src="/hicc/jsp/event.jsp" width="100%" frameborder="0" height="600"></IFRAME>
+<IFRAME id="<%= xf.getParameter("boxId") %>iframe" src="/hicc/jsp/event.jsp" width="100%" frameborder="0" height="600"></IFRAME>
 <% } %>

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_data.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_data.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_data.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_data.jsp Tue Mar 31 01:02:36 2009
@@ -17,11 +17,12 @@
  * limitations under the License.
  */
 %>
+<%@ page import = "java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.extraction.engine.*, org.apache.hadoop.chukwa.hicc.TimeHandler, org.json.*, org.apache.hadoop.chukwa.util.XssFilter" %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   XssFilter xf = new XssFilter(request);
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
-<%@ page import = "java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.extraction.engine.*, org.apache.hadoop.chukwa.hicc.TimeHandler, org.json.*" %>
-<% String filter=(String)request.getParameter("query");
+<% String filter=xf.getParameter("query"));
    if(filter==null) {
        filter="";
    }
@@ -32,7 +33,7 @@
         Calendar now = Calendar.getInstance();
         long start = 0;
         long end = now.getTimeInMillis();
-        String[] database = request.getParameterValues("database");
+        String[] database = xf.getParameterValues("database");
         String[] timefield = new String[3];
         timefield[0]="LAUNCH_TIME";
         timefield[1]="StartTime";

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_helper.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_helper.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_helper.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/event_viewer_helper.jsp Tue Mar 31 01:02:36 2009
@@ -18,9 +18,10 @@
  */
 %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   XssFilter xf = new XssFilter(request);
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
-<%@ page import = "java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.extraction.engine.*, org.apache.hadoop.chukwa.hicc.TimeHandler" %>
+<%@ page import = "java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.extraction.engine.*, org.apache.hadoop.chukwa.hicc.TimeHandler, org.apache.hadoop.chukwa.util.XssFilter" %>
 <% String filter=(String)session.getAttribute("filter");
    if(filter==null) {
        filter="";
@@ -42,7 +43,7 @@
             </tr>
     </thead>
 <%
-        String[] database = request.getParameterValues("database");
+        String[] database = xf.getParameterValues("database");
 %>
     <tbody>
     </tbody>
@@ -51,7 +52,7 @@
 <script type="text/javascript">
 $('.flexme1').flexigrid(
 			{
-                        url: '/hicc/jsp/event_viewer_data.jsp?<% for(int i=0;i<database.length;i++) { out.print("database="+database[i]+"&"); } %>',
+                        url: '/hicc/jsp/event_viewer_data.jsp?<% for(int i=0;i<database.length;i++) { out.print("database="+XssFilter.filter(database[i])+"&"); } %>',
                         dataType: 'json',
 			searchitems : [
 				{display: 'Event', name : 'event', isdefault: true}

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/event_wrapper.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/event_wrapper.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/event_wrapper.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/event_wrapper.jsp Tue Mar 31 01:02:36 2009
@@ -17,8 +17,9 @@
  * limitations under the License.
  */
 %>
+<%@page import = "org.apache.hadoop.chukwa.util.XssFilter" %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
-<IFRAME id="<%= request.getParameter("boxId") %>iframe" src="/hicc/jsp/event.jsp" width="100%" frameborder="0" height="600"></IFRAME>
+<IFRAME id="<%= xf.getParameter("boxId") %>iframe" src="/hicc/jsp/event.jsp" width="100%" frameborder="0" height="600"></IFRAME>
 

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job.jsp Tue Mar 31 01:02:36 2009
@@ -17,10 +17,11 @@
  * limitations under the License.
  */
 %>
+<%@ page import = "java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*,org.jfree.chart.*, org.jfree.data.category.*, org.jfree.chart.servlet.*, org.jfree.chart.entity.*, org.jfree.chart.plot.*, org.jfree.chart.plot.*, org.jfree.chart.renderer.category.*, org.jfree.data.general.DatasetUtilities, org.jfree.chart.axis.*, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.util.XssFilter" %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   XssFilter xf = new XssFilter(request);
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
-<%@ page import = "java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*,org.jfree.chart.*, org.jfree.data.category.*, org.jfree.chart.servlet.*, org.jfree.chart.entity.*, org.jfree.chart.plot.*, org.jfree.chart.plot.*, org.jfree.chart.renderer.category.*, org.jfree.data.general.DatasetUtilities, org.jfree.chart.axis.*, org.apache.hadoop.chukwa.hicc.ClusterConfig" %>
 <% if(session.getAttribute("HodID")==null || session.getAttribute("HodID").equals("")) { %>
 <h2> Select a Hod Job from Hod Job List </h2>
 <% } else { %>

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job_list.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job_list.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job_list.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/hod_job_list.jsp Tue Mar 31 01:02:36 2009
@@ -17,10 +17,11 @@
  * limitations under the License.
  */
 %>
+<%@ page import = "java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*,org.jfree.chart.*, org.jfree.data.category.*, org.jfree.chart.servlet.*, org.jfree.chart.entity.*, org.jfree.chart.plot.*, org.jfree.chart.plot.*, org.jfree.chart.renderer.category.*, org.jfree.data.general.DatasetUtilities, org.jfree.chart.axis.*, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.hicc.TimeHandler, org.apache.hadoop.chukwa.database.DatabaseConfig, org.apache.hadoop.chukwa.util.XssFilter"  %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   XssFilter xf = XssFilter(request);
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
-<%@ page import = "java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*,org.jfree.chart.*, org.jfree.data.category.*, org.jfree.chart.servlet.*, org.jfree.chart.entity.*, org.jfree.chart.plot.*, org.jfree.chart.plot.*, org.jfree.chart.renderer.category.*, org.jfree.data.general.DatasetUtilities, org.jfree.chart.axis.*, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.hicc.TimeHandler, org.apache.hadoop.chukwa.database.DatabaseConfig"  %>
 <table class="simple" width="100%">
 <tr>
 <th width="15%">Hod ID</th>

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/host_selector.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/host_selector.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/host_selector.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/host_selector.jsp Tue Mar 31 01:02:36 2009
@@ -17,11 +17,12 @@
  * limitations under the License.
  */
 %>
+<%@ page import = "javax.servlet.http.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.hicc.TimeHandler, org.apache.hadoop.chukwa.database.DatabaseConfig, org.apache.hadoop.chukwa.util.XssFilter"  %>
+<% XssFilter xf = new XssFilter(request);
+   String boxId = xf.getParameter("boxId"); %>
 <%
-   response.setHeader("boxId", request.getParameter("boxId"));
+   response.setHeader("boxId", xf.getParameter("boxId"));
 %>
-<%@ page import = "javax.servlet.http.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, org.apache.hadoop.chukwa.hicc.ClusterConfig, org.apache.hadoop.chukwa.hicc.TimeHandler, org.apache.hadoop.chukwa.database.DatabaseConfig"  %>
-<% String boxId = request.getParameter("boxId"); %>
 <div class="panel">
 <h2>Hosts</h2>
 <fieldset>
@@ -29,7 +30,7 @@
 <select id="<%= boxId %>group_items" name="<%= boxId %>group_items" MULTIPLE size=10 class="formSelect" style="width:200px;">
 <%
     String[] machineNames = (String [])session.getAttribute("machine_names");
-    String cluster=request.getParameter("cluster");
+    String cluster=xf.getParameter("cluster");
     if(cluster!=null && !cluster.equals("null")) {
         session.setAttribute("cluster",cluster);
     } else {

Added: hadoop/chukwa/trunk/src/web/hicc/jsp/permlink.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/permlink.jsp?rev=760281&view=auto
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/permlink.jsp (added)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/permlink.jsp Tue Mar 31 01:02:36 2009
@@ -0,0 +1,44 @@
+<%
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file 
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+%>
+<%@ page import = "javax.servlet.http.*, java.net.URLEncoder, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, org.apache.tomcat.util.http.Parameters" %>
+<%!
+   public static String HTMLEntityEncode( String s ) {
+       StringBuffer buf = new StringBuffer();
+       int len = (s == null ? -1 : s.length());
+       for ( int i = 0; i < len; i++ ) {
+           char c = s.charAt( i );
+           if ( c>='a' && c<='z' || c>='A' && c<='Z' || c>='0' && c<='9' ) {
+               buf.append( c );
+           } else {
+               buf.append( "&#" + (int)c + ";" );
+           }
+       }
+       return buf.toString();
+   }
+%>
+<%
+   StringBuffer buf = new StringBuffer();
+   for (Enumeration e = session.getAttributeNames() ; e.hasMoreElements() ;) {
+       String name = (String) e.nextElement();
+       buf.append("_session."+name+"="+URLEncoder.encode(session.getAttribute(name).toString(),"UTF-8"));
+       buf.append("&");
+   }
+   out.println(buf.toString());
+%>

Modified: hadoop/chukwa/trunk/src/web/hicc/jsp/session.jsp
URL: http://svn.apache.org/viewvc/hadoop/chukwa/trunk/src/web/hicc/jsp/session.jsp?rev=760281&r1=760280&r2=760281&view=diff
==============================================================================
--- hadoop/chukwa/trunk/src/web/hicc/jsp/session.jsp (original)
+++ hadoop/chukwa/trunk/src/web/hicc/jsp/session.jsp Tue Mar 31 01:02:36 2009
@@ -17,14 +17,15 @@
  * limitations under the License.
  */
 %>
-<%@ page import = "javax.servlet.http.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, org.apache.tomcat.util.http.Parameters" %>
+<%@ page import = "javax.servlet.http.*, java.sql.*,java.io.*, java.util.Calendar, java.util.Date, java.text.SimpleDateFormat, java.util.*, org.apache.tomcat.util.http.Parameters, org.apache.hadoop.chukwa.util.XssFilter" %>
 <%
+       XssFilter xf = new XssFilter(request);
        for (Enumeration e = request.getParameterNames() ; e.hasMoreElements() ;) {
            String name = (String) e.nextElement();
            if(name.equals("_delete")) {
-               session.setAttribute(request.getParameter(name),null);
+               session.setAttribute(xf.getParameter(name),null);
            } else {
-               session.setAttribute(name,request.getParameter(name));
+               session.setAttribute(xf.filter(name),xf.getParameter(name));
            }
        }
 %>



Mime
View raw message