Skip to content

Commit

Permalink
[FIXED JENKINS-14910] Escape HTML characters in YAML diagnostics
Browse files Browse the repository at this point in the history
  • Loading branch information
@kinow
kinow committed Sep 10, 2012
1 parent d4e3b4f commit 52a7986
Show file tree
Hide file tree
Showing 2 changed files with 51 additions and 66 deletions.
2 changes: 1 addition & 1 deletion src/main/java/org/tap4j/plugin/TapResult.java
View file
Expand Up @@ -241,7 +241,7 @@ public String getContents(String fileName) {
FilePath tapDir = new FilePath(new FilePath(new File(build.getRootDir(), "tap")), fileName);
try {
if(tapDir.exists()) {
contents = tapDir.readToString();
contents = org.apache.commons.lang.StringEscapeUtils.escapeHtml(tapDir.readToString());
}
} catch (IOException e) {
contents = e.getMessage();
Expand Down
115 changes: 50 additions & 65 deletions src/main/java/org/tap4j/plugin/util/DiagnosticUtil.java
View file
Expand Up @@ -33,108 +33,93 @@
* @author Bruno P. Kinoshita - http://www.kinoshita.eti.br
* @since 1.0
*/
public class DiagnosticUtil
{
public class DiagnosticUtil {

private enum RENDER_TYPE
{
private enum RENDER_TYPE {
TEXT, IMAGE
};

private static final String INNER_TABLE_HEADER =
"<tr>\n<td colspan='4' class='yaml'>\n<table width=\"100%\" class=\"yaml\">";

private static final String INNER_TABLE_FOOTER =
"</table>\n</td>\n</tr>";

private DiagnosticUtil()
{

private static final String INNER_TABLE_HEADER = "<tr>\n<td colspan='4' class='yaml'>\n<table width=\"100%\" class=\"yaml\">";

private static final String INNER_TABLE_FOOTER = "</table>\n</td>\n</tr>";

private DiagnosticUtil() {
super();
}

public static String createDiagnosticTable( Map<String, Object> diagnostic )
{


public static String createDiagnosticTable(Map<String, Object> diagnostic) {
StringBuilder sb = new StringBuilder();

createDiagnosticTableRecursively( diagnostic, sb, 1 ); // 1 is the first depth

createDiagnosticTableRecursively(diagnostic, sb, 1); // 1 is the first
// depth
return sb.toString();
}

@SuppressWarnings({ "rawtypes", "unchecked" })
public static void createDiagnosticTableRecursively( Map<String, Object> diagnostic, StringBuilder sb, int depth )
{

sb.append( INNER_TABLE_HEADER );

RENDER_TYPE renderType = getMapEntriesRenderType( diagnostic );

for (Entry<String, Object> entry : diagnostic.entrySet() )
{
public static void createDiagnosticTableRecursively(
Map<String, Object> diagnostic, StringBuilder sb, int depth) {

sb.append(INNER_TABLE_HEADER);

RENDER_TYPE renderType = getMapEntriesRenderType(diagnostic);

for (Entry<String, Object> entry : diagnostic.entrySet()) {
String key = entry.getKey();
Object value = entry.getValue();
sb.append("<tr>");

for( int i =0 ; i < depth ; ++i )
{
sb.append( "<td width='5%' class='hidden'> </td>" );
}
sb.append( "<td style=\"width: auto;\">"+key+"</td>" );
if ( value instanceof java.util.Map )
{
sb.append( "<td> </td>" );
createDiagnosticTableRecursively ( (java.util.Map)value, sb, (depth+1));

for (int i = 0; i < depth; ++i) {
sb.append("<td width='5%' class='hidden'> </td>");
}
else
{
sb.append( "<td>"+ getRenderedValue( key, value, renderType ) +"</td>" );
sb.append("<td style=\"width: auto;\">" + key + "</td>");
if (value instanceof java.util.Map) {
sb.append("<td> </td>");
createDiagnosticTableRecursively((java.util.Map) value, sb,
(depth + 1));
} else {
sb.append("<td>" + getRenderedValue(key, value, renderType)
+ "</td>");
}
sb.append( "</tr>" );
sb.append("</tr>");
}
sb.append( INNER_TABLE_FOOTER );

sb.append(INNER_TABLE_FOOTER);
}

/**
* @param diagnostic
* @return
*/
private static RENDER_TYPE getMapEntriesRenderType(
Map<String, Object> diagnostic )
{
Map<String, Object> diagnostic) {
RENDER_TYPE renderType = RENDER_TYPE.TEXT;
final Set<String> keys = diagnostic.keySet();
if ( keys.contains("File-Type") && (keys.contains("File-Location") || keys.contains("File-Content") ))
{
if (keys.contains("File-Type")
&& (keys.contains("File-Location") || keys
.contains("File-Content"))) {
renderType = RENDER_TYPE.IMAGE;
}
return renderType;
}

/**
* @param key
* @param value
* @param renderType
* @param value
* @param renderType
* @return
*/
private static String getRenderedValue( String key, Object value, RENDER_TYPE renderType )
{
switch( renderType )
{
private static String getRenderedValue(String key, Object value,
RENDER_TYPE renderType) {
switch (renderType) {
case IMAGE:
if( key.equals("File-Content") )
{
if (key.equals("File-Content")) {
return "Base64 content suppressed!";
}
else
{
return value.toString();
} else {
return org.apache.commons.lang.StringEscapeUtils.escapeHtml(value.toString());
}
default:
case TEXT:
return value.toString();
return org.apache.commons.lang.StringEscapeUtils.escapeHtml(value.toString());
}
}

}

4 comments on commit 52a7986

@linhpham
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi, we output some links to our test case as HTML in TAP comments. Because of the escapeHtml, we see the links as anchor string on Jenkins rather than a nice link that we can click at. Is it possible to have a config flag to escape or un-escape (providing users the options, rather than always escape)?

Thanks.

@kinow
Copy link
Member Author

@kinow kinow commented on 52a7986 Dec 5, 2013

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @linhpham, sure, that does make sense. Sorry. I fixed the other issue (escape HTML) but didn't think it would cause a new one (display un-escaped links).

Could you please fill an issue in issues.jenkins-ci.org with a short description and maybe a link to this commit too? I'll take a look into it as soon as I get another development cycle to work on jenkins plugins. Use tap as component.

Thanks!

@linhpham
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @kinow , thanks for responding. I have created a JIRA here: https://issues.jenkins-ci.org/browse/JENKINS-20917
Cheers.

@kinow
Copy link
Member Author

@kinow kinow commented on 52a7986 Dec 9, 2013

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

Please sign in to comment.