summaryrefslogtreecommitdiffstats
path: root/auth/auth-gui/src
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2018-05-24 16:33:59 -0500
committerInstrumental <jonathan.gathman@att.com>2018-05-24 16:34:02 -0500
commit2066e6a977c38ea95ea19374232b9904032283ca (patch)
treedce20d5f6fc00a5bdf898491d587d59bf0ebcfae /auth/auth-gui/src
parent2e8044d4a98d96c4b45553f5d30b41ef1371947e (diff)
Protect History Display
Issue-ID: AAF-324 Change-Id: I8829afdab7ae1baee1d6ebf10708997074b3aaa9 Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'auth/auth-gui/src')
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java3
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java4
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java6
3 files changed, 7 insertions, 6 deletions
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
index 1bffbb6f..96ec002e 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
@@ -196,10 +196,11 @@ public class NsHistory extends Page {
String user = i.getUser();
AbsCell userCell = new TextCell(user);
+ String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
rv.add(new AbsCell[] {
new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
userCell,
- new TextCell(i.getMemo())
+ new TextCell(memo)
});
}
} finally {
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
index 64a0db17..b7a9960c 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
@@ -207,11 +207,11 @@ public class PermHistory extends Page {
for (Item i : histItems) {
String user = i.getUser();
AbsCell userCell = new TextCell(user);
-
+ String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
rv.add(new AbsCell[] {
new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
userCell,
- new TextCell(i.getMemo())
+ new TextCell(memo)
});
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
index 7b07b60d..5f7625aa 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
@@ -38,7 +38,6 @@ import org.onap.aaf.auth.gui.Page;
import org.onap.aaf.auth.gui.Table;
import org.onap.aaf.auth.gui.Table.Cells;
import org.onap.aaf.auth.gui.table.AbsCell;
-import org.onap.aaf.auth.gui.table.RefCell;
import org.onap.aaf.auth.gui.table.TableData;
import org.onap.aaf.auth.gui.table.TextCell;
import org.onap.aaf.cadi.CadiException;
@@ -195,11 +194,12 @@ public class RoleHistory extends Page {
for (Item i : histItems) {
String user = i.getUser();
AbsCell userCell = new TextCell(user);
-
+
+ String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
rv.add(new AbsCell[] {
new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
userCell,
- new TextCell(i.getMemo())
+ new TextCell(memo)
});
}
} else {