From 2066e6a977c38ea95ea19374232b9904032283ca Mon Sep 17 00:00:00 2001 From: Instrumental Date: Thu, 24 May 2018 16:33:59 -0500 Subject: Protect History Display Issue-ID: AAF-324 Change-Id: I8829afdab7ae1baee1d6ebf10708997074b3aaa9 Signed-off-by: Instrumental --- .../src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java | 3 ++- .../src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java | 4 ++-- .../src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java | 6 +++--- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java index 1bffbb6f..96ec002e 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java @@ -196,10 +196,11 @@ public class NsHistory extends Page { String user = i.getUser(); AbsCell userCell = new TextCell(user); + String memo = i.getMemo().replace("", "</script>"); rv.add(new AbsCell[] { new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()), userCell, - new TextCell(i.getMemo()) + new TextCell(memo) }); } } finally { diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java index 64a0db17..b7a9960c 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java @@ -207,11 +207,11 @@ public class PermHistory extends Page { for (Item i : histItems) { String user = i.getUser(); AbsCell userCell = new TextCell(user); - + String memo = i.getMemo().replace("", "</script>"); rv.add(new AbsCell[] { new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()), userCell, - new TextCell(i.getMemo()) + new TextCell(memo) }); } diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java index 7b07b60d..5f7625aa 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java @@ -38,7 +38,6 @@ import org.onap.aaf.auth.gui.Page; import org.onap.aaf.auth.gui.Table; import org.onap.aaf.auth.gui.Table.Cells; import org.onap.aaf.auth.gui.table.AbsCell; -import org.onap.aaf.auth.gui.table.RefCell; import org.onap.aaf.auth.gui.table.TableData; import org.onap.aaf.auth.gui.table.TextCell; import org.onap.aaf.cadi.CadiException; @@ -195,11 +194,12 @@ public class RoleHistory extends Page { for (Item i : histItems) { String user = i.getUser(); AbsCell userCell = new TextCell(user); - + + String memo = i.getMemo().replace("", "</script>"); rv.add(new AbsCell[] { new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()), userCell, - new TextCell(i.getMemo()) + new TextCell(memo) }); } } else { -- cgit 1.2.3-korg