diff options
16 files changed, 102 insertions, 87 deletions
diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/authorization/checkUser.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/authorization/checkUser.js index 3fc60854f6..159c7458ed 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/authorization/checkUser.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/authorization/checkUser.js @@ -21,16 +21,17 @@ require(["dojo/dom", "qpid/authorization/sasl", - "dojo/domReady!"], function(dom, sasl){ + "dojox/html/entities", + "dojo/domReady!"], function(dom, sasl, entities){ var updateUI = function updateUI(data) { if(data.user) { - dom.byId("authenticatedUser").innerHTML = data.user; + dom.byId("authenticatedUser").innerHTML = entities.encode(String(data.user)); dom.byId("login").style.display = "block"; } }; sasl.getUser(updateUI); -});
\ No newline at end of file +}); diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/AccessControlProvider.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/AccessControlProvider.js index 9d9343623b..1a056d681c 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/AccessControlProvider.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/AccessControlProvider.js @@ -29,10 +29,11 @@ define(["dojo/_base/xhr", "dojox/grid/EnhancedGrid", "dijit/registry", "dojo/_base/event", + "dojox/html/entities", "dojox/grid/enhanced/plugins/Pagination", "dojox/grid/enhanced/plugins/IndirectSelection", "dojo/domReady!"], - function (xhr, parser, query, connect, properties, updater, util, UpdatableStore, EnhancedGrid, registry, event) { + function (xhr, parser, query, connect, properties, updater, util, UpdatableStore, EnhancedGrid, registry, event, entities) { function AccessControlProvider(name, parent, controller) { this.name = name; @@ -124,9 +125,9 @@ define(["dojo/_base/xhr", AccessControlProviderUpdater.prototype.updateHeader = function() { - this.name.innerHTML = this.accessControlProviderData[ "name" ]; - this.type.innerHTML = this.accessControlProviderData[ "type" ]; - this.state.innerHTML = this.accessControlProviderData[ "state" ]; + this.name.innerHTML = entities.encode(String(this.accessControlProviderData[ "name" ])); + this.type.innerHTML = entities.encode(String(this.accessControlProviderData[ "type" ])); + this.state.innerHTML = entities.encode(String(this.accessControlProviderData[ "state" ])); }; return AccessControlProvider; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/AuthenticationProvider.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/AuthenticationProvider.js index 4778671bda..978ac4b45f 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/AuthenticationProvider.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/AuthenticationProvider.js @@ -31,10 +31,11 @@ define(["dojo/_base/xhr", "dojo/_base/event", "dijit/registry", "dojo/dom-style", + "dojox/html/entities", "dojox/grid/enhanced/plugins/Pagination", "dojox/grid/enhanced/plugins/IndirectSelection", "dojo/domReady!"], - function (xhr, parser, query, connect, properties, updater, util, UpdatableStore, EnhancedGrid, addAuthenticationProvider, event, registry, domStyle) { + function (xhr, parser, query, connect, properties, updater, util, UpdatableStore, EnhancedGrid, addAuthenticationProvider, event, registry, domStyle, entities) { function AuthenticationProvider(name, parent, controller) { this.name = name; @@ -151,9 +152,9 @@ define(["dojo/_base/xhr", AuthProviderUpdater.prototype.updateHeader = function() { this.authenticationProvider.name = this.authProviderData[ "name" ] - this.name.innerHTML = this.authProviderData[ "name" ]; - this.type.innerHTML = this.authProviderData[ "type" ]; - this.state.innerHTML = this.authProviderData[ "state" ]; + this.name.innerHTML = entities.encode(String(this.authProviderData[ "name" ])); + this.type.innerHTML = entities.encode(String(this.authProviderData[ "type" ])); + this.state.innerHTML = entities.encode(String(this.authProviderData[ "state" ])); }; AuthProviderUpdater.prototype.update = function() diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js index 7a338476c4..fbd42d8d16 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js @@ -28,6 +28,7 @@ define(["dojo/_base/xhr", "qpid/common/UpdatableStore", "dojox/grid/EnhancedGrid", "dijit/registry", + "dojox/html/entities", "qpid/management/addAuthenticationProvider", "qpid/management/addVirtualHost", "qpid/management/addPort", @@ -44,7 +45,7 @@ define(["dojo/_base/xhr", "dijit/form/CheckBox", "dojo/store/Memory", "dojo/domReady!"], - function (xhr, parser, query, connect, properties, updater, util, UpdatableStore, EnhancedGrid, registry, addAuthenticationProvider, addVirtualHost, addPort, addKeystore, addGroupProvider, addAccessControlProvider) { + function (xhr, parser, query, connect, properties, updater, util, UpdatableStore, EnhancedGrid, registry, entities, addAuthenticationProvider, addVirtualHost, addPort, addKeystore, addGroupProvider, addAccessControlProvider) { function Broker(name, parent, controller) { this.name = name; @@ -719,7 +720,7 @@ define(["dojo/_base/xhr", { container.style.display = "block"; } - element.innerHTML = brokerData [propertyName]; + element.innerHTML = entities.encode(String(brokerData [propertyName])); } else { @@ -817,14 +818,14 @@ define(["dojo/_base/xhr", BrokerUpdater.prototype.showReadOnlyAttributes = function() { var brokerData = this.brokerData; - dojo.byId("brokerAttribute.name").innerHTML = brokerData.name; - dojo.byId("brokerAttribute.operatingSystem").innerHTML = brokerData.operatingSystem; - dojo.byId("brokerAttribute.platform").innerHTML = brokerData.platform; - dojo.byId("brokerAttribute.productVersion").innerHTML = brokerData.productVersion; - dojo.byId("brokerAttribute.modelVersion").innerHTML = brokerData.modelVersion; - dojo.byId("brokerAttribute.storeType").innerHTML = brokerData.storeType; - dojo.byId("brokerAttribute.storeVersion").innerHTML = brokerData.storeVersion; - dojo.byId("brokerAttribute.storePath").innerHTML = brokerData.storePath; + dojo.byId("brokerAttribute.name").innerHTML = entities.encode(String(brokerData.name)); + dojo.byId("brokerAttribute.operatingSystem").innerHTML = entities.encode(String(brokerData.operatingSystem)); + dojo.byId("brokerAttribute.platform").innerHTML = entities.encode(String(brokerData.platform)); + dojo.byId("brokerAttribute.productVersion").innerHTML = entities.encode(String(brokerData.productVersion)); + dojo.byId("brokerAttribute.modelVersion").innerHTML = entities.encode(String(brokerData.modelVersion)); + dojo.byId("brokerAttribute.storeType").innerHTML = entities.encode(String(brokerData.storeType)); + dojo.byId("brokerAttribute.storeVersion").innerHTML = entities.encode(String(brokerData.storeVersion)); + dojo.byId("brokerAttribute.storePath").innerHTML = entities.encode(String(brokerData.storePath)); } return Broker; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Connection.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Connection.js index 91dc52d6cf..2cf73eb70e 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Connection.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Connection.js @@ -27,8 +27,9 @@ define(["dojo/_base/xhr", "qpid/common/util", "qpid/common/formatter", "qpid/common/UpdatableStore", + "dojox/html/entities", "dojo/domReady!"], - function (xhr, parser, query, connect, properties, updater, util, formatter, UpdatableStore) { + function (xhr, parser, query, connect, properties, updater, util, formatter, UpdatableStore, entities) { function Connection(name, parent, controller) { this.name = name; @@ -121,12 +122,11 @@ define(["dojo/_base/xhr", ConnectionUpdater.prototype.updateHeader = function() { - this.name.innerHTML = this.connectionData[ "name" ]; - this.state.innerHTML = this.connectionData[ "state" ]; - this.durable.innerHTML = this.connectionData[ "durable" ]; - this.principal.innerHTML = this.connectionData[ "principal" ]; - this.lifetimePolicy.innerHTML = this.connectionData[ "lifetimePolicy" ]; - + this.name.innerHTML = entities.encode(String(this.connectionData[ "name" ])); + this.state.innerHTML = entities.encode(String(this.connectionData[ "state" ])); + this.durable.innerHTML = entities.encode(String(this.connectionData[ "durable" ])); + this.principal.innerHTML = entities.encode(String(this.connectionData[ "principal" ])); + this.lifetimePolicy.innerHTML = entities.encode(String(this.connectionData[ "lifetimePolicy" ])); }; ConnectionUpdater.prototype.update = function() @@ -212,4 +212,4 @@ define(["dojo/_base/xhr", return Connection; - });
\ No newline at end of file + }); diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Exchange.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Exchange.js index 5a5a6515ef..da63156176 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Exchange.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Exchange.js @@ -30,8 +30,9 @@ define(["dojo/_base/xhr", "qpid/common/UpdatableStore", "qpid/management/addBinding", "dojox/grid/EnhancedGrid", + "dojox/html/entities", "dojo/domReady!"], - function (xhr, parser, query, connect, registry, properties, updater, util, formatter, UpdatableStore, addBinding, EnhancedGrid) { + function (xhr, parser, query, connect, registry, properties, updater, util, formatter, UpdatableStore, addBinding, EnhancedGrid, entities) { function Exchange(name, parent, controller) { this.name = name; @@ -191,10 +192,10 @@ define(["dojo/_base/xhr", ExchangeUpdater.prototype.updateHeader = function() { - this.name.innerHTML = this.exchangeData[ "name" ]; - this.state.innerHTML = this.exchangeData[ "state" ]; - this.durable.innerHTML = this.exchangeData[ "durable" ]; - this.lifetimePolicy.innerHTML = this.exchangeData[ "lifetimePolicy" ]; + this.name.innerHTML = entities.encode(String(this.exchangeData[ "name" ])); + this.state.innerHTML = entities.encode(String(this.exchangeData[ "state" ])); + this.durable.innerHTML = entities.encode(String(this.exchangeData[ "durable" ])); + this.lifetimePolicy.innerHTML = entities.encode(String(this.exchangeData[ "lifetimePolicy" ])); }; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/GroupProvider.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/GroupProvider.js index 9dde224982..fdaaa2c116 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/GroupProvider.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/GroupProvider.js @@ -29,10 +29,11 @@ define(["dojo/_base/xhr", "dojox/grid/EnhancedGrid", "dijit/registry", "dojo/_base/event", + "dojox/html/entities", "dojox/grid/enhanced/plugins/Pagination", "dojox/grid/enhanced/plugins/IndirectSelection", "dojo/domReady!"], - function (xhr, parser, query, connect, properties, updater, util, UpdatableStore, EnhancedGrid, registry, event) { + function (xhr, parser, query, connect, properties, updater, util, UpdatableStore, EnhancedGrid, registry, event, entities) { function GroupProvider(name, parent, controller) { this.name = name; @@ -133,9 +134,9 @@ define(["dojo/_base/xhr", GroupProviderUpdater.prototype.updateHeader = function() { - this.name.innerHTML = this.groupProviderData[ "name" ]; - this.type.innerHTML = this.groupProviderData[ "type" ]; - this.state.innerHTML = this.groupProviderData[ "state" ]; + this.name.innerHTML = entities.encode(String(this.groupProviderData[ "name" ])); + this.type.innerHTML = entities.encode(String(this.groupProviderData[ "type" ])); + this.state.innerHTML = entities.encode(String(this.groupProviderData[ "state" ])); }; GroupProviderUpdater.prototype.update = function() diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/KeyStore.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/KeyStore.js index 9702c6b9f6..36930be85a 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/KeyStore.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/KeyStore.js @@ -24,13 +24,14 @@ define(["dojo/dom", "dojo/query", "dojo/_base/connect", "dijit/registry", + "dojox/html/entities", "qpid/common/properties", "qpid/common/updater", "qpid/common/util", "qpid/common/formatter", "qpid/management/addKeystore", "dojo/domReady!"], - function (dom, xhr, parser, query, connect, registry, properties, updater, util, formatter, addKeystore) { + function (dom, xhr, parser, query, connect, registry, entities, properties, updater, util, formatter, addKeystore) { function KeyStore(name, parent, controller, objectType) { this.keyStoreName = name; @@ -118,11 +119,11 @@ define(["dojo/dom", KeyStoreUpdater.prototype.updateHeader = function() { - this.name.innerHTML = this.keyStoreData[ "name" ]; - this.path.innerHTML = this.keyStoreData[ "path" ]; - this.type.innerHTML = this.keyStoreData[ "type" ]; - this.keyManagerFactoryAlgorithm.innerHTML = this.keyStoreData[ "keyManagerFactoryAlgorithm" ]; - this.certificateAlias.innerHTML = this.keyStoreData[ "certificateAlias" ] ? this.keyStoreData[ "certificateAlias" ] : ""; + this.name.innerHTML = entities.encode(String(this.keyStoreData[ "name" ])); + this.path.innerHTML = entities.encode(String(this.keyStoreData[ "path" ])); + this.type.innerHTML = entities.encode(String(this.keyStoreData[ "type" ])); + this.keyManagerFactoryAlgorithm.innerHTML = entities.encode(String(this.keyStoreData[ "keyManagerFactoryAlgorithm" ])); + this.certificateAlias.innerHTML = this.keyStoreData[ "certificateAlias" ] ? entities.encode(String( this.keyStoreData[ "certificateAlias" ])) : ""; }; KeyStoreUpdater.prototype.update = function() diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Plugin.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Plugin.js index b398683110..3f47c6d0ba 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Plugin.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Plugin.js @@ -27,8 +27,9 @@ define(["dojo/_base/xhr", "qpid/common/util", "dijit/registry", "dojo/_base/event", + "dojox/html/entities", "dojo/domReady!"], - function (xhr, parser, query, connect, properties, updater, util, registry, event) { + function (xhr, parser, query, connect, properties, updater, util, registry, event, entities) { function Plugin(name, parent, controller) { this.name = name; @@ -88,8 +89,8 @@ define(["dojo/_base/xhr", PluginUpdater.prototype.updateHeader = function() { - this.name.innerHTML = this.pluginData[ "name" ]; - this.type.innerHTML = this.pluginData[ "pluginType" ]; + this.name.innerHTML = entities.encode(String(this.pluginData[ "name" ])); + this.type.innerHTML = entities.encode(String(this.pluginData[ "pluginType" ])); }; return Plugin; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Port.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Port.js index 5d6ce6727b..45c54745da 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Port.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Port.js @@ -24,13 +24,14 @@ define(["dojo/dom", "dojo/query", "dojo/_base/connect", "dijit/registry", + "dojox/html/entities", "qpid/common/properties", "qpid/common/updater", "qpid/common/util", "qpid/common/formatter", "qpid/management/addPort", "dojo/domReady!"], - function (dom, xhr, parser, query, connect, registry, properties, updater, util, formatter, addPort) { + function (dom, xhr, parser, query, connect, registry, entities, properties, updater, util, formatter, addPort) { function Port(name, parent, controller) { this.name = name; @@ -163,20 +164,20 @@ define(["dojo/dom", var data = "<div>"; if (array) { for(var i = 0; i < array.length; i++) { - data+= "<div>" + array[i] + "</div>"; + data+= "<div>" + entities.encode(array[i]) + "</div>"; } } return data + "</div>"; } - this.nameValue.innerHTML = this.keyStoreData[ "name" ]; - this.stateValue.innerHTML = this.keyStoreData[ "state" ]; - this.portValue.innerHTML = this.keyStoreData[ "port" ]; - this.authenticationProviderValue.innerHTML = this.keyStoreData[ "authenticationProvider" ] ? this.keyStoreData[ "authenticationProvider" ] : ""; + this.nameValue.innerHTML = entities.encode(String(this.keyStoreData[ "name" ])); + this.stateValue.innerHTML = entities.encode(String(this.keyStoreData[ "state" ])); + this.portValue.innerHTML = entities.encode(String(this.keyStoreData[ "port" ])); + this.authenticationProviderValue.innerHTML = this.keyStoreData[ "authenticationProvider" ] ? entities.encode(String(this.keyStoreData[ "authenticationProvider" ])) : ""; this.protocolsValue.innerHTML = printArray( "protocols", this.keyStoreData); this.transportsValue.innerHTML = printArray( "transports", this.keyStoreData); - this.bindingAddressValue.innerHTML = this.keyStoreData[ "bindingAddress" ] ? this.keyStoreData[ "bindingAddress" ] : "" ; - this.keyStoreValue.innerHTML = this.keyStoreData[ "keyStore" ] ? this.keyStoreData[ "keyStore" ] : ""; + this.bindingAddressValue.innerHTML = this.keyStoreData[ "bindingAddress" ] ? entities.encode(String(this.keyStoreData[ "bindingAddress" ])) : "" ; + this.keyStoreValue.innerHTML = this.keyStoreData[ "keyStore" ] ? entities.encode(String(this.keyStoreData[ "keyStore" ])) : ""; this.needClientAuthValue.innerHTML = "<input type='checkbox' disabled='disabled' "+(this.keyStoreData[ "needClientAuth" ] ? "checked='checked'": "")+" />" ; this.wantClientAuthValue.innerHTML = "<input type='checkbox' disabled='disabled' "+(this.keyStoreData[ "wantClientAuth" ] ? "checked='checked'": "")+" />" ; this.trustStoresValue.innerHTML = printArray( "trustStores", this.keyStoreData); diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Queue.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Queue.js index 8b332dbf92..cb6846878f 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Queue.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Queue.js @@ -36,11 +36,12 @@ define(["dojo/_base/xhr", "dojo/store/JsonRest", "dojox/grid/EnhancedGrid", "dojo/data/ObjectStore", + "dojox/html/entities", "dojox/grid/enhanced/plugins/Pagination", "dojox/grid/enhanced/plugins/IndirectSelection", "dojo/domReady!"], function (xhr, parser, query, registry, connect, event, json, properties, updater, util, formatter, - UpdatableStore, addBinding, moveMessages, showMessage, JsonRest, EnhancedGrid, ObjectStore) { + UpdatableStore, addBinding, moveMessages, showMessage, JsonRest, EnhancedGrid, ObjectStore, entities) { function Queue(name, parent, controller) { this.name = name; @@ -331,29 +332,29 @@ define(["dojo/_base/xhr", { var bytesDepth; - this.name.innerHTML = this.queueData[ "name" ]; - this.state.innerHTML = this.queueData[ "state" ]; - this.durable.innerHTML = this.queueData[ "durable" ]; - this.lifetimePolicy.innerHTML = this.queueData[ "lifetimePolicy" ]; - this.alternateExchange.innerHTML = this.queueData[ "alternateExchange" ] ? this.queueData[ "alternateExchange" ]: "" ; + this.name.innerHTML = entities.encode(String(this.queueData[ "name" ])); + this.state.innerHTML = entities.encode(String(this.queueData[ "state" ])); + this.durable.innerHTML = entities.encode(String(this.queueData[ "durable" ])); + this.lifetimePolicy.innerHTML = entities.encode(String(this.queueData[ "lifetimePolicy" ])); + this.alternateExchange.innerHTML = this.queueData[ "alternateExchange" ] ? entities.encode(String(this.queueData[ "alternateExchange" ])) : "" ; - this.queueDepthMessages.innerHTML = this.queueData["queueDepthMessages"]; + this.queueDepthMessages.innerHTML = entities.encode(String(this.queueData["queueDepthMessages"])); bytesDepth = formatter.formatBytes( this.queueData["queueDepthBytes"] ); this.queueDepthBytes.innerHTML = "(" + bytesDepth.value; this.queueDepthBytesUnits.innerHTML = bytesDepth.units + ")"; - this.unacknowledgedMessages.innerHTML = this.queueData["unacknowledgedMessages"]; + this.unacknowledgedMessages.innerHTML = entities.encode(String(this.queueData["unacknowledgedMessages"])); bytesDepth = formatter.formatBytes( this.queueData["unacknowledgedBytes"] ); this.unacknowledgedBytes.innerHTML = "(" + bytesDepth.value; this.unacknowledgedBytesUnits.innerHTML = bytesDepth.units + ")"; - this.type.innerHTML = this.queueData[ "type" ]; + this.type.innerHTML = entities.encode(this.queueData[ "type" ]); if (this.queueData.type == "standard") { this.typeQualifier.style.display = "none"; } else { - this.typeQualifier.innerHTML = "(" + queueTypeKeyNames[this.queueData.type] + ": " + this.queueData[queueTypeKeys[this.queueData.type]] + ")"; + this.typeQualifier.innerHTML = entities.encode("(" + queueTypeKeyNames[this.queueData.type] + ": " + this.queueData[queueTypeKeys[this.queueData.type]] + ")"); } }; @@ -400,7 +401,7 @@ define(["dojo/_base/xhr", thisObj.alertThresholdQueueDepthBytes.innerHTML = alertQueueDepth.value; thisObj.alertThresholdQueueDepthBytesUnits.innerHTML = alertQueueDepth.units; - thisObj.alertThresholdQueueDepthMessages.innerHTML = thisObj.queueData["alertThresholdQueueDepthMessages"]; + thisObj.alertThresholdQueueDepthMessages.innerHTML = entities.encode(String(thisObj.queueData["alertThresholdQueueDepthMessages"])); var sampleTime = new Date(); var messageIn = thisObj.queueData["totalEnqueuedMessages"]; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/TrustStore.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/TrustStore.js index 703ef34ec2..e3d880ce24 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/TrustStore.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/TrustStore.js @@ -24,13 +24,14 @@ define(["dojo/dom", "dojo/query", "dojo/_base/connect", "dijit/registry", + "dojox/html/entities", "qpid/common/properties", "qpid/common/updater", "qpid/common/util", "qpid/common/formatter", "qpid/management/addKeystore", "dojo/domReady!"], - function (dom, xhr, parser, query, connect, registry, properties, updater, util, formatter, addKeystore) { + function (dom, xhr, parser, query, connect, registry, entities, properties, updater, util, formatter, addKeystore) { function TrustStore(name, parent, controller) { this.keyStoreName = name; @@ -118,10 +119,10 @@ define(["dojo/dom", KeyStoreUpdater.prototype.updateHeader = function() { - this.name.innerHTML = this.keyStoreData[ "name" ]; - this.path.innerHTML = this.keyStoreData[ "path" ]; - this.type.innerHTML = this.keyStoreData[ "type" ]; - this.trustManagerFactoryAlgorithm.innerHTML = this.keyStoreData[ "trustManagerFactoryAlgorithm" ]; + this.name.innerHTML = entities.encode(String(this.keyStoreData[ "name" ])); + this.path.innerHTML = entities.encode(String(this.keyStoreData[ "path" ])); + this.type.innerHTML = entities.encode(String(this.keyStoreData[ "type" ])); + this.trustManagerFactoryAlgorithm.innerHTML = entities.encode(String(this.keyStoreData[ "trustManagerFactoryAlgorithm" ])); this.peersOnly.innerHTML = "<input type='checkbox' disabled='disabled' "+(this.keyStoreData[ "peersOnly" ] ? "checked='checked'": "")+" />" ; }; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/VirtualHost.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/VirtualHost.js index 23c164f052..ffa329c5e7 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/VirtualHost.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/VirtualHost.js @@ -23,6 +23,7 @@ define(["dojo/_base/xhr", "dojo/query", "dojo/_base/connect", "dijit/registry", + "dojox/html/entities", "qpid/common/properties", "qpid/common/updater", "qpid/common/util", @@ -32,7 +33,7 @@ define(["dojo/_base/xhr", "qpid/management/addExchange", "dojox/grid/EnhancedGrid", "dojo/domReady!"], - function (xhr, parser, query, connect, registry, properties, updater, util, formatter, UpdatableStore, addQueue, addExchange, EnhancedGrid) { + function (xhr, parser, query, connect, registry, entities, properties, updater, util, formatter, UpdatableStore, addQueue, addExchange, EnhancedGrid) { function VirtualHost(name, parent, controller) { this.name = name; @@ -238,13 +239,13 @@ define(["dojo/_base/xhr", Updater.prototype.updateHeader = function() { - this.name.innerHTML = this.vhostData[ "name" ]; - this.state.innerHTML = this.vhostData[ "state" ]; - this.durable.innerHTML = this.vhostData[ "durable" ]; - this.lifetimePolicy.innerHTML = this.vhostData[ "lifetimePolicy" ]; - this.storeType.innerHTML = this.vhostData[ "storeType" ]; - this.storePath.innerHTML = this.vhostData[ "storePath" ]; - this.configPath.innerHTML = this.vhostData[ "configPath" ]; + this.name.innerHTML = entities.encode(String(this.vhostData[ "name" ])); + this.state.innerHTML = entities.encode(String(this.vhostData[ "state" ])); + this.durable.innerHTML = entities.encode(String(this.vhostData[ "durable" ])); + this.lifetimePolicy.innerHTML = entities.encode(String(this.vhostData[ "lifetimePolicy" ])); + this.storeType.innerHTML = entities.encode(String(this.vhostData[ "storeType" ])); + this.storePath.innerHTML = entities.encode(String(this.vhostData[ "storePath" ])); + this.configPath.innerHTML = entities.encode(String(this.vhostData[ "configPath" ])); }; Updater.prototype.update = function() @@ -285,7 +286,7 @@ define(["dojo/_base/xhr", thisObj.alertThresholdQueueDepthBytes.innerHTML = alertQueueDepth.value; thisObj.alertThresholdQueueDepthBytesUnits.innerHTML = alertQueueDepth.units; - thisObj.alertThresholdQueueDepthMessages.innerHTML = thisObj.vhostData["queue.alertThresholdQueueDepthMessages"]; + thisObj.alertThresholdQueueDepthMessages.innerHTML = entities.encode(String(thisObj.vhostData["queue.alertThresholdQueueDepthMessages"])); var stats = thisObj.vhostData[ "statistics" ]; diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js index 56f92c2025..3aa9d0baee 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/accesscontrolprovider/AclFile.js @@ -28,6 +28,7 @@ define(["dojo/_base/xhr", "dojo/_base/event", "dojo/_base/json", "dijit/registry", + "dojox/html/entities", "qpid/common/util", "qpid/common/properties", "qpid/common/updater", @@ -43,7 +44,7 @@ define(["dojo/_base/xhr", "dijit/form/Form", "dijit/form/DateTextBox", "dojo/domReady!"], - function (xhr, dom, parser, query, construct, connect, win, event, json, registry, util, properties, updater, UpdatableStore, EnhancedGrid) { + function (xhr, dom, parser, query, construct, connect, win, event, json, registry, entities, util, properties, updater, UpdatableStore, EnhancedGrid) { function AclFile(containerNode, aclProviderObj, controller) { var node = construct.create("div", null, containerNode, "last"); var that = this; @@ -85,7 +86,7 @@ define(["dojo/_base/xhr", if (data[0]) { that.aclProviderData = data[0]; - that.path.innerHTML = that.aclProviderData.path; + that.path.innerHTML = entities.encode(String(that.aclProviderData.path)); } }); diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/controller.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/controller.js index 28e4445e08..b7eddbbb77 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/controller.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/controller.js @@ -21,6 +21,7 @@ define(["dojo/dom", "dijit/registry", "dijit/layout/ContentPane", + "dojox/html/entities", "qpid/management/Broker", "qpid/management/VirtualHost", "qpid/management/Exchange", @@ -36,7 +37,7 @@ define(["dojo/dom", "qpid/management/Plugin", "dojo/ready", "dojo/domReady!"], - function (dom, registry, ContentPane, Broker, VirtualHost, Exchange, Queue, Connection, AuthProvider, + function (dom, registry, ContentPane, entities, Broker, VirtualHost, Exchange, Queue, Connection, AuthProvider, GroupProvider, Group, KeyStore, TrustStore, AccessControlProvider, Port, Plugin, ready) { var controller = {}; @@ -86,7 +87,7 @@ define(["dojo/dom", this.viewedObjects[ objId ] = obj; var contentPane = new ContentPane({ region: "center" , - title: obj.getTitle(), + title: entities.encode(obj.getTitle()), closable: true, onClose: function() { obj.close(); @@ -113,4 +114,4 @@ define(["dojo/dom", return controller; - });
\ No newline at end of file + }); diff --git a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/groupprovider/FileGroupManager.js b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/groupprovider/FileGroupManager.js index 02276b8713..f3c5c81d94 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/groupprovider/FileGroupManager.js +++ b/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/groupprovider/FileGroupManager.js @@ -28,6 +28,7 @@ define(["dojo/_base/xhr", "dojo/_base/event", "dojo/_base/json", "dijit/registry", + "dojox/html/entities", "qpid/common/util", "qpid/common/properties", "qpid/common/updater", @@ -43,7 +44,7 @@ define(["dojo/_base/xhr", "dijit/form/Form", "dijit/form/DateTextBox", "dojo/domReady!"], - function (xhr, dom, parser, query, construct, connect, win, event, json, registry, util, properties, updater, UpdatableStore, EnhancedGrid) { + function (xhr, dom, parser, query, construct, connect, win, event, json, registry, entities, util, properties, updater, UpdatableStore, EnhancedGrid) { function DatabaseGroupManager(containerNode, groupProviderObj, controller) { var node = construct.create("div", null, containerNode, "last"); var that = this; @@ -176,7 +177,7 @@ define(["dojo/_base/xhr", xhr.get({url: this.query, sync: properties.useSyncGet, handleAs: "json"}) .then(function(data) { that.groupProviderData = data[0]; - that.path.innerHTML = that.groupProviderData.path; + that.path.innerHTML = entities.encode(String(that.groupProviderData.path)); util.flattenStatistics( that.groupProviderData ); that.groupsGrid.update(that.groupProviderData.groups); |