From fa5f20d91c416a855f0d6afe157db8250574617c Mon Sep 17 00:00:00 2001 From: st398c Date: Thu, 28 Mar 2019 16:30:03 -0400 Subject: Fortify, version, Junit Issue-ID: PORTAL-543, PORTAL-273, PORTAL-544 Change-Id: Ib864ef78bbd534170cab90d9314f2d8943f78872 Signed-off-by: Thota, Saisree --- .../src/main/webapp/app/fusion/external/ds2/js/appDS2.js | 2 +- .../DS2-controllers/ds2-reports/report-run-controller.js | 9 ++++----- .../fusion/scripts/controllers/broadcast-list-controller.js | 4 ++-- .../directives/dashboard/WidgetSettingsRaptorReportCtrl.js | 10 +++++----- 4 files changed, 12 insertions(+), 13 deletions(-) (limited to 'ecomp-sdk/epsdk-app-overlay/src/main/webapp/app')
diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js
index 2847ade5..5fcd12ca 100644
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js
+++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/external/ds2/js/appDS2.js
@@ -1 +1 @@
-var appDS2=angular.module("abs", ["ngRoute", 'ngMessages','modalServices', 'ngCookies', 'b2b.att','gridster','ui.bootstrap','ui.bootstrap.modal']);
\ No newline at end of file
+var appDS2=angular.module("abs", ["ngRoute", 'ngMessages','modalServices', 'ngCookies', 'b2b.att','gridster','ui.bootstrap','ui.bootstrap.modal','ngSanitize']);
\ No newline at end of file
diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js
index 45c300fe..f5ec623a 100644
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js
+++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/DS2-controllers/ds2-reports/report-run-controller.js
@@ -1,5 +1,5 @@ -appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams','$http','dateFilter', '$window', '$timeout', 'rowSorter','$modal', - function ($scope,$rootScope,$routeParams,$http,dateFilter,$window,$timeout,rowSorter,$modal) { +appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams','$http','dateFilter', '$window', '$timeout', 'rowSorter','$modal','$sanitize', + function ($scope,$rootScope,$routeParams,$http,dateFilter,$window,$timeout,rowSorter,$modal,$sanitize) { $scope.dateformat = "MM/dd/yyyy"; $scope.datetimeformat = "MM/dd/yyyy hh:mm a"; $scope.showFormFields = false; @@ -153,7 +153,6 @@ appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams',' } $scope.currentReportUrlParams = 'c_master='+$scope.urlParams.c_master+'&'+formFieldsUrl+'&display_content=Y&r_page='+(paginationOptions.pageNumber-1); - // console.log('raptor.htm?action=report.run.container&c_master='+$scope.urlParams.c_master+'&'+formFieldsUrl+'refresh=Y&display_content=Y&r_page='+(paginationOptions.pageNumber-1)); $http.get('raptor.htm?action=report.run.container&c_master='+$scope.urlParams.c_master+'&'+formFieldsUrl+'refresh=Y&display_content=Y&r_page='+(paginationOptions.pageNumber-1)).then( function(response){ $scope.showLoader=false; @@ -170,7 +169,7 @@ appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams',' if($scope.reportData.errormessage) { //console.log($scope.reportData); var stacktraceFP = $scope.reportData.stacktrace.substring(0, $scope.reportData.stacktrace.indexOf(":")+1); - document.getElementById('errorDiv').innerHTML = stacktraceFP + " " + $scope.reportData.errormessage; + document.getElementById('errorDiv').innerHTML = $sanitize(+stacktraceFP + " " + $scope.reportData.errormessage); //console.log(document.getElementById('errorDiv').innerHtml); //console.log(stacktraceFP + " " + $scope.reportData.errormessage); } 
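Review bot: The unary `+` in `$sanitize(+stacktraceFP + " " + $scope.reportData.errormessage)` (hunk `@@ -170,7 +169,7 @@`) coerces `stacktraceFP` to a number, so a non-numeric stack-trace prefix becomes `NaN` and the error div shows `NaN <message>` instead of the exception name. The message looks like plain text; if so, assigning it as text avoids HTML parsing altogether and needs no sanitizer: `document.getElementById('errorDiv').textContent = stacktraceFP + " " + $scope.reportData.errormessage;`. The same `textContent` change applies to the `errorDiv` assignment in the `@@ -161,8 +161,8 @@` hunk of WidgetSettingsRaptorReportCtrl.js. The enclosing response callback starts and ends outside this hunk.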
@@ -182,7 +181,7 @@ appDS2.controller("reportRunController", ['$scope','$rootScope','$routeParams',' // console.log(response.data); $scope.showChart = true; // console.log('response.data',response.data); - document.getElementById('chartiframe').contentWindow.document.write(response.data); + document.getElementById('chartiframe').contentWindow.document.write($sanitize(response.data)); document.getElementById('chartiframe').contentWindow.document.close(); }); } else { diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js index 0af15b78..b487fc9a 100644 --- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js +++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/controllers/broadcast-list-controller.js @@ -96,6 +96,6 @@ app.controller('broadcastListController', function ($scope, modalService, $modal }); -function editMessage(messageLocationId, messageLocation, messageId) { - window.location='admin#/broadcast/'+messageLocationId + '/' + messageLocation + ((messageId != null) ? '/' + messageId : ''); +function editMessage(messageLocationId, messageLocation, messageId) { + window.location=encodeURIComponent('admin#/broadcast/'+messageLocationId + '/' + messageLocation + ((messageId != null) ? '/' + messageId : '')); } diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js index 4aabe3ad..02416a0c 100644 
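Review bot: Running `response.data` through `$sanitize` before `document.write` into `chartiframe` (hunk `@@ -182,7 +181,7 @@`, and again in `@@ -174,7 +174,7 @@` of WidgetSettingsRaptorReportCtrl.js) will probably stop the chart from rendering, because `$sanitize` drops `<script>` elements and any markup outside its allow-list. Whether the chart response depends on scripts is not visible here and should be confirmed with a report that returns a chart. If it does, sanitizing is the wrong control: the content needs isolation rather than filtering, for example by putting the `sandbox` attribute on the iframe or loading the chart through the iframe's `src` instead of writing it into a document that shares the page's origin. A comment such as `// chart HTML is server-generated; isolated via iframe sandbox, not sanitized` would record that decision.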
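Review bot: `encodeURIComponent` in `editMessage` (hunk `@@ -96,6 +96,6 @@`) wraps the whole target, so the `#` and every `/` are percent-encoded and the browser navigates to a relative path `admin%23%2Fbroadcast%2F…` instead of the `admin` page's `#/broadcast/…` route. Only the variable segments should be encoded: `window.location = 'admin#/broadcast/' + encodeURIComponent(messageLocationId) + '/' + encodeURIComponent(messageLocation) + ((messageId != null) ? '/' + encodeURIComponent(messageId) : '');`. That keeps the fixed route prefix intact while still preventing a crafted id from changing the destination.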
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js +++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/app/fusion/scripts/view-models/reportdashboard-page/src/components/directives/dashboard/WidgetSettingsRaptorReportCtrl.js @@ -16,8 +16,8 @@ 'use strict'; -angular.module('ui.dashboard') - .controller('WidgetSettingsRaptorReportCtrl', ['$http','$scope','$rootScope','$uibModalInstance', 'widget', function ($http,$scope,$rootScope,$uibModalInstance, widget) { +angular.module('ui.dashboard',['ngSanitize']) + .controller('WidgetSettingsRaptorReportCtrl', ['$http','$scope','$rootScope','$uibModalInstance', 'widget', '$sanitize', function ($http,$scope,$rootScope,$uibModalInstance, widget, $sanitize) { // add watch function for widget here // leave ajax call to the dashboard.js @@ -161,8 +161,8 @@ angular.module('ui.dashboard') $http.get('raptor.htm?action=report.run.container&c_master='+widget.report_id+'&'+formFieldsUrl+'refresh=Y&display_content=Y&r_page='+(paginationOptions.pageNumber-1)).then( function(response){ widget.reportData = response.data; - if(widget.reportData.errormessage) { - document.getElementById('errorDiv').innerHTML = widget.reportData.errormessage; + if(widget.reportData.errormessage) { + document.getElementById('errorDiv').innerHTML = $sanitize(widget.reportData.errormessage); console.log(document.getElementById('errorDiv').innerHtml); console.log(widget.reportData.errormessage); } @@ -174,7 +174,7 @@ angular.module('ui.dashboard') console.log(response.data); $scope.showChart = true; var chartiframe = document.getElementById('chartiframe'); - chartiframe.contentWindow.document.write(response.data); + chartiframe.contentWindow.document.write($sanitize(response.data)); chartiframe.contentWindow.document.close(); }); } else { -- cgit 1.2.3-korg
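Review bot: `angular.module('ui.dashboard',['ngSanitize'])` in the `@@ -16,8 +16,8 @@` hunk is the setter form: with a second argument AngularJS creates a new `ui.dashboard` module and replaces any module already registered under that name, together with its dependencies and components. The old line used the getter form, which suggests the module is defined elsewhere; if so, this file should keep `angular.module('ui.dashboard')` and `'ngSanitize'` should be added to the dependency array at the original definition. Separately, the `@@ -161,8 +161,8 @@` hunk still logs `document.getElementById('errorDiv').innerHtml`, which is always `undefined` because the property is `innerHTML`, and logs the raw error message to the console. Both `console.log` lines could be removed. The controller body continues outside these hunks.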