Author: thomas.heute(a)jboss.com
Date: 2009-01-29 12:32:33 -0500 (Thu, 29 Jan 2009)
New Revision: 12707
Modified:
tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/resources/portal-cms-war/WEB-INF/jsp/cms/admin/securenode.jsp
tags/Enterprise_Portal_Platform_4_3_GA/core-identity/src/main/org/jboss/portal/core/identity/ui/validators/UsernameValidator.java
tags/Enterprise_Portal_Platform_4_3_GA/core/src/resources/portal-core-war/WEB-INF/jsp/header/header.jsp
Log:
Encoding stuff
Modified:
tags/Enterprise_Portal_Platform_4_3_GA/core/src/resources/portal-core-war/WEB-INF/jsp/header/header.jsp
===================================================================
---
tags/Enterprise_Portal_Platform_4_3_GA/core/src/resources/portal-core-war/WEB-INF/jsp/header/header.jsp 2009-01-29
17:28:21 UTC (rev 12706)
+++
tags/Enterprise_Portal_Platform_4_3_GA/core/src/resources/portal-core-war/WEB-INF/jsp/header/header.jsp 2009-01-29
17:32:33 UTC (rev 12707)
@@ -1,4 +1,5 @@
<%@ page import="org.jboss.portal.api.PortalURL" %>
+<%@ page import="org.jboss.portal.common.text.EntityEncoder" %>
<%@ page import="org.jboss.portal.identity.User" %>
<%@page import="java.util.ResourceBundle"%>
<%@ page import="java.security.Principal" %>
@@ -35,10 +36,10 @@
</script>
<noscript>
- <a href="<%= loginURL %>"><%=
rb.getString("LOGIN") %></a>
+ <a href="<%= loginURL %>"><%=
EntityEncoder.FULL.encode(rb.getString("LOGIN")) %></a>
</noscript>
<%}else{%>
-<a href="<%= loginURL %>"><%= rb.getString("LOGIN")
%></a>
+<a href="<%= loginURL %>"><%=
EntityEncoder.FULL.encode(rb.getString("LOGIN")) %></a>
<%}%>
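Review bot: `loginURL` is still written raw into the double-quoted `href` attribute of both anchors; the encoding added here covers only the `LOGIN` label, which comes from a resource bundle. How `loginURL` is built is outside this hunk, so this is a question rather than a confirmed defect: if it can carry request-derived parameters, it should be encoded for the attribute context as well, for example `<a href="<%= EntityEncoder.FULL.encode(String.valueOf(loginURL)) %>">`. Even for a fully server-built URL, a bare `&` in the query string is better emitted as `&amp;`.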
Modified:
tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/resources/portal-cms-war/WEB-INF/jsp/cms/admin/securenode.jsp
===================================================================
---
tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/resources/portal-cms-war/WEB-INF/jsp/cms/admin/securenode.jsp 2009-01-29
17:28:21 UTC (rev 12706)
+++
tags/Enterprise_Portal_Platform_4_3_GA/core-cms/src/resources/portal-cms-war/WEB-INF/jsp/cms/admin/securenode.jsp 2009-01-29
17:32:33 UTC (rev 12707)
@@ -78,7 +78,7 @@
Role role = (Role)iterator.next();
%>
<option value="<%= role.getName() %>"
<%if(readRoleSet.contains(role.getName())){%>selected<%}%>>
- <%= role.getDisplayName() %>
+ <%= EntityEncoder.FULL.encode(role.getDisplayName()) %>
</option>
<%
}
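Review bot: The `value="<%= role.getName() %>"` attribute in this hunk is still written without encoding, so only the option text is protected while the same kind of data reaches a double-quoted attribute raw. The hunks at -103, -140, -165, -202 and -227 have the same gap with `user.getUserName()` and `role.getName()`. I would encode the attribute too, `<option value="<%= EntityEncoder.FULL.encode(role.getName()) %>"`, after confirming that `EntityEncoder.FULL` escapes the double quote. Separately, no hunk in this file adds the `org.jboss.portal.common.text.EntityEncoder` page import that header.jsp gains in this commit, so unless that import already exists above line 78 the JSP will not compile.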
@@ -103,7 +103,7 @@
%>
<option value="<%= user.getUserName() %>"
<%if(readUserSet.contains(user.getUserName())){%>selected<%}%>>
- <%= user.getUserName() %>
+ <%= EntityEncoder.FULL.encode(user.getUserName()) %>
</option>
<%
}
@@ -140,7 +140,7 @@
Role role = (Role)iterator.next();
%>
<option value="<%= role.getName() %>"
<%if(writeRoleSet.contains(role.getName())){%>selected<%}%>>
- <%= role.getDisplayName() %>
+ <%= EntityEncoder.FULL.encode(role.getDisplayName()) %>
</option>
<%
}
@@ -165,7 +165,7 @@
%>
<option value="<%= user.getUserName() %>"
<%if(writeUserSet.contains(user.getUserName())){%>selected<%}%>>
- <%= user.getUserName() %>
+ <%= EntityEncoder.FULL.encode(user.getUserName()) %>
</option>
<%
}
@@ -202,7 +202,7 @@
Role role = (Role)iterator.next();
%>
<option value="<%= role.getName() %>"
<%if(manageRoleSet.contains(role.getName())){%>selected<%}%>>
- <%= role.getDisplayName() %>
+ <%= EntityEncoder.FULL.encode(role.getDisplayName()) %>
</option>
<%
}
@@ -227,7 +227,7 @@
%>
<option value="<%= user.getUserName() %>"
<%if(manageUserSet.contains(user.getUserName())){%>selected<%}%>>
- <%= user.getUserName() %>
+ <%= EntityEncoder.FULL.encode(user.getUserName()) %>
</option>
<%
}
Modified:
tags/Enterprise_Portal_Platform_4_3_GA/core-identity/src/main/org/jboss/portal/core/identity/ui/validators/UsernameValidator.java
===================================================================
---
tags/Enterprise_Portal_Platform_4_3_GA/core-identity/src/main/org/jboss/portal/core/identity/ui/validators/UsernameValidator.java 2009-01-29
17:28:21 UTC (rev 12706)
+++
tags/Enterprise_Portal_Platform_4_3_GA/core-identity/src/main/org/jboss/portal/core/identity/ui/validators/UsernameValidator.java 2009-01-29
17:32:33 UTC (rev 12707)
@@ -65,6 +65,12 @@
registrationService = (RegistrationService)
portletContext.getAttribute("RegistrationService");
// if (username.length() >= 5 && (Pattern.matches(NICKNAME_VALIDATION,
username)))
+ if (username.contains("<") || username.contains(">"))
+ {
+ throw new ValidatorException(new FacesMessage(FacesMessage.SEVERITY_ERROR,
+ bundle.getString("IDENTITY_VALIDATION_ERROR_USERNAME_ERROR"),
+ bundle.getString("IDENTITY_VALIDATION_ERROR_USERNAME_ERROR")));
+ }
try
{
// checking jBPM context
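Review bot: The new check rejects only `<` and `>`, so a username containing `"`, `'` or `&` still passes, and securenode.jsp in this same commit writes `user.getUserName()` into a double-quoted `value` attribute without encoding. A denylist at registration also does nothing for accounts that already exist or are created through another path (not visible here), so output encoding has to remain the real control. I would restore an allowlist in the spirit of the commented-out `Pattern.matches(NICKNAME_VALIDATION, username)` line and add a comment such as `// defence in depth only: views must still encode usernames on output`. The method starts above and continues below this hunk, so whether `username` can be null at this point cannot be checked from here.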