Java Code Examples for org.apache.commons.lang3.StringEscapeUtils#escapeHtml4()

The following examples show how to use org.apache.commons.lang3.StringEscapeUtils#escapeHtml4() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: FormatDefinitionRevisionDisplayTagHandler.java    From proctor with Apache License 2.0 6 votes vote down vote up
public String formatRevisionDisplay(final Revision revision) {
    final String defaultFormattedRevision = revision.getAuthor() + " @ " + revision.getDate() + " (" + revision.getRevision() + ")";
    final ServletContext servletContext = pageContext.getServletContext();
    final WebApplicationContext context = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
    try {
        final Map<String, DefinitionRevisionDisplayFormatter> formatterBeans = BeanFactoryUtils.beansOfTypeIncludingAncestors(context,DefinitionRevisionDisplayFormatter.class);

        if (formatterBeans.isEmpty()) {
            //No bean found, which is acceptable.
            return StringEscapeUtils.escapeHtml4(defaultFormattedRevision);
        } else if (formatterBeans.size() == 1) {
            final DefinitionRevisionDisplayFormatter formatter = formatterBeans.values().iterator().next();
            return formatter.formatRevision(revision);
        } else {
            throw new IllegalArgumentException("Multiple beans of type " + DefinitionRevisionDisplayFormatter.class.getSimpleName()  + " found, expected 0 or 1.");
        }
    } catch (final Exception e) {
        LOGGER.error("An error occurred when retrieving revision url.", e);
        return defaultFormattedRevision;
    }
}
 
Example 2
Source File: EnvironmentFilter.java    From uyuni with GNU General Public License v2.0 6 votes vote down vote up
private void addParameterizedMessages(HttpServletRequest req) {
    String messageKey = req.getParameter("message");
    if (messageKey != null) {
        ActionMessages msg = new ActionMessages();
        String param1 = req.getParameter("messagep1");
        String param2 = req.getParameter("messagep2");
        String param3 = req.getParameter("messagep3");

        Object[] args = new Object[3];
        args[0] = StringEscapeUtils.escapeHtml4(param1);
        args[1] = StringEscapeUtils.escapeHtml4(param2);
        args[2] = StringEscapeUtils.escapeHtml4(param3);

        msg.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(messageKey, args));
        StrutsDelegate.getInstance().saveMessages(req, msg);
    }
}
 
Example 3
Source File: XXSDefenderFormat.java    From springboot-plus with BSD 3-Clause "New" or "Revised" License 5 votes vote down vote up
public static void main(String[] args){
    String js =  "中文<script>hi</script><h5></h5>";
    System.out.println(js);
    js = StringEscapeUtils.escapeHtml4(js);
    System.out.println(js);
}
 
Example 4
Source File: EmailReportGenerator.java    From carina with Apache License 2.0 5 votes vote down vote up
public String formatFailReasonAsHtml(String reasonText) {
    if (!StringUtils.isEmpty(reasonText)) {
        reasonText = StringEscapeUtils.escapeHtml4(reasonText);
        reasonText = reasonText.replace("\n", "<br/>");
    }
    return reasonText;
}
 
Example 5
Source File: CatalinaAction.java    From uyuni with GNU General Public License v2.0 5 votes vote down vote up
/** {@inheritDoc} */
public ActionForward execute(ActionMapping mapping, ActionForm formIn,
        HttpServletRequest request, HttpServletResponse response) {
    request.setAttribute("logfile_path", LOGFILE_PATH);
    String contents = FileUtils.getTailOfFile(LOGFILE_PATH, 1000);
    contents = StringEscapeUtils.escapeHtml4(contents);
    request.setAttribute("contents", contents);
    return mapping.findForward(RhnHelper.DEFAULT_FORWARD);
}
 
Example 6
Source File: RhnAction.java    From uyuni with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Add an error message to the request with argument array
 * @param req to add the message to
 * @param beanKey resource key to lookup
 * @param args the message parameters to fill in placeholders
 */
protected void createErrorMessageWithMultipleArgs(HttpServletRequest req, String beanKey, String... args) {
    ActionErrors errs = new ActionErrors();
    String[] escArgs = new String[args.length];
    for (int i = 0; i < args.length; i++) {
        escArgs[i] = StringEscapeUtils.escapeHtml4(args[i]);
    }
    errs.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(beanKey, escArgs));
    saveMessages(req, errs);
}
 
Example 7
Source File: CompareDeployedSubmitAction.java    From uyuni with GNU General Public License v2.0 5 votes vote down vote up
private void makeMessage(Action action, HttpServletRequest request) {
    if (action != null) {
        //get how many servers this action was created for.
        int successes = action.getServerActions().size();
        String number = LocalizationService.getInstance()
                .formatNumber(successes);

        //build the url for the action we have created.
        String url = "/rhn/schedule/ActionDetails.do?aid=" + action.getId();

        //create the success message
        ActionMessages msg = new ActionMessages();
        String key;
        if (successes == 1) {
            key = "configdiff.schedule.success.singular";
        }
        else {
            key = "configdiff.schedule.success";
        }

        Object[] args = new Object[2];
        args[0] = StringEscapeUtils.escapeHtml4(url);
        args[1] = StringEscapeUtils.escapeHtml4(number);

        //add in the success message
        msg.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(key, args));
        getStrutsDelegate().saveMessages(request, msg);
    }
    else {
        //Something went wrong, tell user!
        ActionErrors errors = new ActionErrors();
        getStrutsDelegate().addError("configdiff.schedule.selection_error",
                errors);
        getStrutsDelegate().saveMessages(request, errors);
    }
}
 
Example 8
Source File: WebPlainTextGameUI.java    From CardFantasy with BSD 2-Clause "Simplified" License 5 votes vote down vote up
@Override
protected void say(String text) {
    if (text == null) {
        return;
    }
    text = StringEscapeUtils.escapeHtml4(text);
    text = text.replace("\n", "<br />");
    sb.append(text);
    sb.append("<br />");
}
 
Example 9
Source File: ErrataActionFormatterTest.java    From uyuni with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Tests getRelatedObjectDescription().
 * @throws Exception if something bad happens
 */
public void testGetRelatedObjectDescription() throws Exception {
    ErrataAction action = (ErrataAction) ActionFactoryTest.createAction(user,
        ActionFactory.TYPE_ERRATA);
    ErrataActionFormatter formatter = new ErrataActionFormatter(action);

    Errata errata = action.getErrata().iterator().next();
    String expected = "<a href=\"/rhn/errata/details/Details.do?eid=" +
        errata.getId().toString() + "\">" +
        StringEscapeUtils.escapeHtml4(errata.getAdvisory()) + "</a>";
    String result = formatter.getRelatedObjectDescription();

    assertTrue(result.contains(expected));
}
 
Example 10
Source File: SystemsController.java    From uyuni with GNU General Public License v2.0 5 votes vote down vote up
protected void createSuccessMessage(HttpServletRequest req, String msgKey,
                                    String param1) {
    ActionMessages msg = new ActionMessages();
    Object[] args = new Object[1];
    args[0] = StringEscapeUtils.escapeHtml4(param1);
    msg.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(msgKey, args));
    StrutsDelegate.getInstance().saveMessages(req, msg);
}
 
Example 11
Source File: DefaultArchivaAdministration.java    From archiva with Apache License 2.0 4 votes vote down vote up
private String convertName(String name) {
    return StringEscapeUtils.escapeHtml4( StringUtils.trimToEmpty( name ) );
}
 
Example 12
Source File: UrlRPTestPortlet.java    From portals-pluto with Apache License 2.0 4 votes vote down vote up
public void processAction(ActionRequest req, ActionResponse resp)
      throws PortletException, IOException {
   
   ActionParameters ap = req.getActionParameters();
   MutableRenderParameters mrp = resp.getRenderParameters();
   Set<? extends String> rpNames = mrp.getNames();

   if (isDebug) {
      StringBuffer sb = new StringBuffer();
      sb.append("Action parameters:");
      for (String k : ap.getNames()) {
         sb.append("\nName: ").append(k);
         sb.append(", Values: ").append(Arrays.toString(ap.getValues(k)));
      }
      logger.debug(sb.toString());
   }

   // Handle the control parameters
   
   String setType = ap.getValue(PARAM_SETTYPE);
   setType = (setType == null) ? PARAM_SETTYPE_VARRAY : setType;
   mrp.setValue(PARAM_SETTYPE, setType);
   
   String remType = ap.getValue(PARAM_REMTYPE);
   remType = (remType == null) ? PARAM_REMTYPE_SET : remType;
   mrp.setValue(PARAM_REMTYPE, remType);
   
   String aurlCopy = ap.getValue(PARAM_AURLCOPY);
   aurlCopy = (aurlCopy == null) ? PARAM_AURLCOPY_ALL : aurlCopy;
   mrp.setValue(PARAM_AURLCOPY, aurlCopy);
   
   // Get the parameter name & values. Parse values string into individual values.
   // if string is 'null', change it into null.
   
   // string escape here to avoid xss vulnerability & problem with portlet hub json
   String pn = StringEscapeUtils.escapeHtml4(ap.getValue(PARAM_NAME));
   String pv = StringEscapeUtils.escapeHtml4(ap.getValue(PARAM_VALUES));

   String[] parsedVals = null;
   StringBuilder txt = new StringBuilder("Setting values to ");
   if (pn != null && pn.length() > 0 && pv != null) {
      parsedVals = pv.split(",", -1);
      if (pv.length() == 0) {
         txt.append("array containing single empty string");
         parsedVals = new String[] {""};
      } else if (parsedVals.length == 1) {
         if (parsedVals[0].equals("null")) {
            txt.append("null");
            parsedVals = null;
         } else if (parsedVals[0].equals("empty")) {
            txt.append("an empty array.");
            parsedVals = new String[0];
         } else {
            txt.append("an array containing the single item");
         }
      } else {
         txt.append("an array of values");
         for (int ii = 0; ii < parsedVals.length; ii++) {
            if (parsedVals[ii].equals("null")) {
               parsedVals[ii] = null;
            }
         }
      }
      try {
         if (remType.equals(PARAM_REMTYPE_REM)) {
            txt.append(". Removing parameter");
            mrp.removeParameter(pn);
         } else {
            if (setType.equals(PARAM_SETTYPE_VARRAY)) {
               txt.append(" using values array");
               mrp.setValues(pn, parsedVals);
            } else {
               txt.append(" using first value in array");
               String tval = (parsedVals == null) ? null : parsedVals[0];
               mrp.setValue(pn, tval);
            }
         }
      } catch(Exception e) {
         StringBuilder err = new StringBuilder("Exception setting parameter: ");
         err.append(e.toString());
         mrp.setValue("Error:", "<span style='color: red;'>" + err.toString() + "</span>");
      }
   } else if (rpNames.isEmpty()) {
      txt.append("the error message");
      mrp.setValue("Error:", "<span style='color: red;'>No parameters available!</span>");
   }
   
   if (isDebug) {
      logger.debug(txt.toString());
      txt = new StringBuilder("Parsed Action Parameters: ");
      txt.append(", Name: ").append(pn);
      txt.append(", Value string: >>").append(pv).append("<<");
      txt.append(", Parsed Values: ").append(Arrays.toString(parsedVals));
      logger.debug(txt.toString());
   }

}
 
Example 13
Source File: OverallHTML.java    From pikatimer with GNU General Public License v3.0 4 votes vote down vote up
private String escapeHTML(String s){
    return StringEscapeUtils.escapeHtml4(s);
}
 
Example 14
Source File: DefaultCommentRenderer.java    From gocd with Apache License 2.0 4 votes vote down vote up
private String dynamicLink(Matcher matcher) {
    String linkWithRealId = StringEscapeUtils.escapeHtml4(link.replace("${ID}", id(matcher)));
    return String.format("<a href=\"%s\" target=\"story_tracker\">%s</a>", linkWithRealId, textOnLink(matcher));
}
 
Example 15
Source File: ListDisplayTagBase.java    From uyuni with GNU General Public License v2.0 4 votes vote down vote up
protected void renderFilterBox(Writer out) throws IOException {
    LocalizationService ls = LocalizationService.getInstance();

    HtmlTag tag = new HtmlTag("div");
    tag.setAttribute("class", "spacewalk-filter-input input-group");

    StringBuilder buf = new StringBuilder();

    HtmlTag input = new HtmlTag("input");
    input.setAttribute("type", "text");
    input.setAttribute("class", "form-control");
    input.setAttribute("name", RequestContext.FILTER_STRING);
    input.setAttribute("value", pageList.getFilterData());
    String placeHolder = StringEscapeUtils.escapeHtml4(
            ls.getMessage("message.filterby", ls.getMessage(filterBy)));
    input.setAttribute("placeholder", placeHolder);
    input.setAttribute("maxlength", FILTER_MAXLENGTH);

    buf.append(input.render());

    input = new HtmlTag("input");
    input.setAttribute("type", "hidden");
    input.setAttribute("name", RequestContext.PREVIOUS_FILTER_STRING);
    input.setAttribute("value", pageList.getFilterData());
    buf.append(input.render());

    HtmlTag btnSpan = new HtmlTag("span");
    btnSpan.setAttribute("class", "input-group-btn");

    HtmlTag btn = new HtmlTag("button");
    btn.setAttribute("class", "btn btn-default");
    btn.setAttribute("type", "submit");
    btn.setAttribute("name", FILTER_DISPATCH);
    btn.setAttribute("value", ls.getMessage(RequestContext.FILTER_KEY));

    IconTag icon = new IconTag("item-search");
    btn.addBody(icon.render());

    btnSpan.addBody(btn);

    buf.append(btnSpan.render());

    tag.addBody(buf.toString());
    out.append(tag.render());
}
 
Example 16
Source File: EscapeTool.java    From velocity-tools with Apache License 2.0 3 votes vote down vote up
/**
 * <p>Escapes the characters in a <code>String</code> using HTML entities.</p>
 * <p>Delegates the process to {@link StringEscapeUtils#escapeHtml4(String)}.</p>
 *
 * @param string the string to escape, may be null
 * @return a new escaped <code>String</code>, <code>null</code> if null string input
 *
 * @see StringEscapeUtils#escapeHtml4(String)
 */
public String html(Object string)
{
    if (string == null)
    {
        return null;
    }
    return StringEscapeUtils.escapeHtml4(String.valueOf(string));
}
 
Example 17
Source File: MultiOrgUserOverview.java    From uyuni with GNU General Public License v2.0 2 votes vote down vote up
/**
 * get the user's last name
 * @return the user's last name
 */
public String getUserLastName() {
    return StringEscapeUtils.escapeHtml4(userLastName);
}
 
Example 18
Source File: MultiOrgAllUserOverview.java    From uyuni with GNU General Public License v2.0 2 votes vote down vote up
/**
 * get the user's first name
 * @return the user's first name
 */
public String getUserFirstName() {
    return StringEscapeUtils.escapeHtml4(userFirstName);
}
 
Example 19
Source File: EscapeUtil.java    From vjtools with Apache License 2.0 2 votes vote down vote up
/**
 * Html转码,将字符串转码为符合HTML4格式的字符串.
 * 
 * 比如 "bread" & "butter" 转化为 &quot;bread&quot; &amp; &quot;butter&quot;
 */
public static String escapeHtml(String html) {
	return StringEscapeUtils.escapeHtml4(html);
}
 
Example 20
Source File: EscapeHtmlReference.java    From velocity-engine with Apache License 2.0 2 votes vote down vote up
/**
 * Escape all HTML entities.
 *
 * @param text
 * @return An escaped String.
 * @see <a href="http://commons.apache.org/proper/commons-lang/javadocs/api-release/org/apache/commons/lang3/StringEscapeUtils.html#escapeHtml4%28java.lang.String%29">StringEscapeUtils</a>
 */
protected String escape(Object text)
{
    return StringEscapeUtils.escapeHtml4(text.toString());
}