authorst398c <st398c@research.att.com>2019-03-28 16:30:03 -0400
committerst398c <st398c@research.att.com>2019-03-28 16:30:03 -0400
commitfa5f20d91c416a855f0d6afe157db8250574617c (patch)
tree3dd5dd3f8bccc8c0f30ca41cb2569aa4b0c5cefb /ecomp-sdk/epsdk-app-overlay/src/main/webapp
parent1ded3bb69c5e91cd879d83e13d2b3295710cdb4f (diff)
Fortify, version, Junit
Issue-ID: PORTAL-543, PORTAL-273, PORTAL-544 Change-Id: Ib864ef78bbd534170cab90d9314f2d8943f78872 Signed-off-by: Thota, Saisree <st398c@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-app-overlay/src/main/webapp')
-rw-r--r--ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js2
-rw-r--r--ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js9
-rw-r--r--ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js4
-rw-r--r--ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js10
-rw-r--r--ecomp-sdk/epsdk-app-overlay/src/main/webapp/static/fusion/raptor/ebz/report_run.js6
5 files changed, 15 insertions, 16 deletions
diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js
index 2847ade5..5fcd12ca 100644
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js
+++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js
@@ -1 +1 @@
-var appDS2=angular.module("abs", ["ngRoute", 'ngMessages','modalServices', 'ngCookies', 'b2b.att','gridster','ui.bootstrap','ui.bootstrap.modal']); \ No newline at end of file
+var appDS2=angular.module("abs", ["ngRoute", 'ngMessages','modalServices', 'ngCookies', 'b2b.att','gridster','ui.bootstrap','ui.bootstrap.modal','ngSanitize']); \ No newline at end of file
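Review bot: Adding `'ngSanitize'` to the `abs` module only works if `angular-sanitize.js` is loaded before this file on every page that bootstraps the module, and no script-include change is visible in this diff (it is limited to five JS files). If the script is missing, module loading fails at bootstrap and the whole application stops rendering. Please confirm the include exists and that its version matches the AngularJS core in use.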
diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js
index 45c300fe..f5ec623a 100644
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js
+++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js
@@ -1,5 +1,5 @@
-appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams','$http','dateFilter', '$window', '$timeout', 'rowSorter','$modal',
- function ($scope,$rootScope,$routeParams,$http,dateFilter,$window,$timeout,rowSorter,$modal) {
+appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams','$http','dateFilter', '$window', '$timeout', 'rowSorter','$modal','$sanitize',
+ function ($scope,$rootScope,$routeParams,$http,dateFilter,$window,$timeout,rowSorter,$modal,$sanitize) {
$scope.dateformat = "MM/dd/yyyy";
$scope.datetimeformat = "MM/dd/yyyy hh:mm a";
$scope.showFormFields = false;
@@ -153,7 +153,6 @@ appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams','
}
$scope.currentReportUrlParams = 'c_master='+$scope.urlParams.c_master+'&'+formFieldsUrl+'&display_content=Y&r_page='+(paginationOptions.pageNumber-1);
- // console.log('raptor.htm?action=report.run.container&c_master='+$scope.urlParams.c_master+'&'+formFieldsUrl+'refresh=Y&display_content=Y&r_page='+(paginationOptions.pageNumber-1));
$http.get('raptor.htm?action=report.run.container&c_master='+$scope.urlParams.c_master+'&'+formFieldsUrl+'refresh=Y&display_content=Y&r_page='+(paginationOptions.pageNumber-1)).then(
function(response){
$scope.showLoader=false;
@@ -170,7 +169,7 @@ appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams','
if($scope.reportData.errormessage) {
//console.log($scope.reportData);
var stacktraceFP = $scope.reportData.stacktrace.substring(0, $scope.reportData.stacktrace.indexOf(":")+1);
- document.getElementById('errorDiv').innerHTML = stacktraceFP + " " + $scope.reportData.errormessage;
+ document.getElementById('errorDiv').innerHTML = $sanitize(+stacktraceFP + " " + $scope.reportData.errormessage);
//console.log(document.getElementById('errorDiv').innerHtml);
//console.log(stacktraceFP + " " + $scope.reportData.errormessage);
}
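Review bot: The stray unary `+` in `$sanitize(+stacktraceFP + " " + ...)` coerces the stack-trace prefix to a number, so the error div will almost always start with `NaN` instead of the exception name; the matching line in static/fusion/raptor/ebz/report_run.js has no such `+`. If the message is meant to be plain text, `document.getElementById('errorDiv').textContent = stacktraceFP + " " + $scope.reportData.errormessage;` avoids HTML parsing altogether. The same would suit the `errorDiv` assignments in WidgetSettingsRaptorReportCtrl.js and report_run.js. The enclosing callback starts and ends outside this hunk.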
@@ -182,7 +181,7 @@ appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams','
// console.log(response.data);
$scope.showChart = true;
// console.log('response.data',response.data);
- document.getElementById('chartiframe').contentWindow.document.write(response.data);
+ document.getElementById('chartiframe').contentWindow.document.write($sanitize(response.data));
document.getElementById('chartiframe').contentWindow.document.close();
});
} else {
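Review bot: Passing the whole chart response through `$sanitize` before `document.write` will probably leave the iframe without a working chart, because ngSanitize drops `<script>` and `<style>` elements and event-handler attributes. The content of `response.data` is not visible here, so this needs checking against a real chart response. If the chart page does depend on script, it is safer to leave the markup intact and isolate it, for example by loading it through the iframe's `src` with a `sandbox` attribute and encoding user-controlled values on the server. The same call is added in WidgetSettingsRaptorReportCtrl.js (`chartiframe.contentWindow.document.write($sanitize(response.data))`). The enclosing callback extends outside the hunk.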
diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js
index 0af15b78..b487fc9a 100644
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js
+++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js
@@ -96,6 +96,6 @@ app.controller('broadcastListController', function ($scope, modalService, $modal
});
-function editMessage(messageLocationId, messageLocation, messageId) {
- window.location='admin#/broadcast/'+messageLocationId + '/' + messageLocation + ((messageId != null) ? '/' + messageId : '');
+function editMessage(messageLocationId, messageLocation, messageId) {
+ window.location=encodeURIComponent('admin#/broadcast/'+messageLocationId + '/' + messageLocation + ((messageId != null) ? '/' + messageId : ''));
}
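Review bot: Wrapping the entire target in `encodeURIComponent` also encodes the `#` and `/` separators, so `window.location` receives `admin%23%2Fbroadcast%2F...` and the browser treats it as a single relative path segment instead of the `admin` page with a hash route. Encode only the variable parts: `window.location = 'admin#/broadcast/' + encodeURIComponent(messageLocationId) + '/' + encodeURIComponent(messageLocation) + ((messageId != null) ? '/' + encodeURIComponent(messageId) : '');`. That keeps the route structure fixed while still stopping the parameters from injecting extra path or fragment characters.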
diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js
index 4aabe3ad..02416a0c 100644
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js
+++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js
@@ -16,8 +16,8 @@
'use strict';
-angular.module('ui.dashboard')
- .controller('WidgetSettingsRaptorReportCtrl', ['$http','$scope','$rootScope','$uibModalInstance', 'widget', function ($http,$scope,$rootScope,$uibModalInstance, widget) {
+angular.module('ui.dashboard',['ngSanitize'])
+ .controller('WidgetSettingsRaptorReportCtrl', ['$http','$scope','$rootScope','$uibModalInstance', 'widget', '$sanitize', function ($http,$scope,$rootScope,$uibModalInstance, widget, $sanitize) {
// add watch function for widget here
// leave ajax call to the dashboard.js
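Review bot: `angular.module('ui.dashboard',['ngSanitize'])` is the setter form, so it re-creates the `ui.dashboard` module with `ngSanitize` as its only dependency. Anything registered on the module before this file loads, and the module's original requires list, are discarded. The old line used the getter form, which implies the module is defined elsewhere. Keep `angular.module('ui.dashboard')` here and add `'ngSanitize'` to the requires array at the place where `ui.dashboard` is first defined. The controller body continues outside this hunk.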
@@ -161,8 +161,8 @@ angular.module('ui.dashboard')
$http.get('raptor.htm?action=report.run.container&c_master='+widget.report_id+'&'+formFieldsUrl+'refresh=Y&display_content=Y&r_page='+(paginationOptions.pageNumber-1)).then(
function(response){
widget.reportData = response.data;
- if(widget.reportData.errormessage) {
- document.getElementById('errorDiv').innerHTML = widget.reportData.errormessage;
+ if(widget.reportData.errormessage) {
+ document.getElementById('errorDiv').innerHTML = $sanitize(widget.reportData.errormessage);
console.log(document.getElementById('errorDiv').innerHtml);
console.log(widget.reportData.errormessage);
}
@@ -174,7 +174,7 @@ angular.module('ui.dashboard')
console.log(response.data);
$scope.showChart = true;
var chartiframe = document.getElementById('chartiframe');
- chartiframe.contentWindow.document.write(response.data);
+ chartiframe.contentWindow.document.write($sanitize(response.data));
chartiframe.contentWindow.document.close();
});
} else {
diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/static/fusion/raptor/ebz/report_run.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/static/fusion/raptor/ebz/report_run.js
index 436dedd0..ea965cce 100644
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/static/fusion/raptor/ebz/report_run.js
+++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/static/fusion/raptor/ebz/report_run.js
@@ -1,5 +1,5 @@
-app.controller("reportRunController", ['$scope','$rootScope','$routeParams','$http','dateFilter', '$window', '$timeout', 'rowSorter',
- function ($scope,$rootScope,$routeParams,$http,dateFilter,$window,$timeout,rowSorter) {
+app.controller("reportRunController", ['$scope','$rootScope','$routeParams','$http','dateFilter', '$window', '$timeout', 'rowSorter', '$sanitize',
+ function ($scope,$rootScope,$routeParams,$http,dateFilter,$window,$timeout,rowSorter,$sanitize) {
$scope.dateformat = "MM/dd/yyyy";
$scope.datetimeformat = "MM/dd/yyyy hh:mm a";
$scope.showFormFields = false;
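Review bot: This controller is registered on `app`, but the only module this diff gives the `ngSanitize` dependency to is `appDS2` (`abs`). Unless the `app` module already lists `'ngSanitize'` where it is defined, injecting `'$sanitize'` here fails with an unknown-provider error and `reportRunController` never instantiates. Please confirm the `app` module definition, which is outside this diff, and add the dependency there if it is missing.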
@@ -157,7 +157,7 @@ app.controller("reportRunController", ['$scope','$rootScope','$routeParams','$ht
if($scope.reportData.errormessage) {
//console.log($scope.reportData);
var stacktraceFP = $scope.reportData.stacktrace.substring(0, $scope.reportData.stacktrace.indexOf(":")+1);
- document.getElementById('errorDiv').innerHTML = stacktraceFP + " " + $scope.reportData.errormessage;
+ document.getElementById('errorDiv').innerHTML = $sanitize(stacktraceFP + " " + $scope.reportData.errormessage);
//console.log(document.getElementById('errorDiv').innerHtml);
//console.log(stacktraceFP + " " + $scope.reportData.errormessage);
}