azkaban-aplcache

Add the missing $ in front of esc.html Correct the javascript

5/31/2016 4:21:55 PM


diff --git a/azkaban-webserver/src/main/resources/azkaban/webapp/servlet/velocity/index.vm b/azkaban-webserver/src/main/resources/azkaban/webapp/servlet/velocity/index.vm
index ee261db..e1831a3 100644
--- a/azkaban-webserver/src/main/resources/azkaban/webapp/servlet/velocity/index.vm
+++ b/azkaban-webserver/src/main/resources/azkaban/webapp/servlet/velocity/index.vm
@@ -96,7 +96,7 @@
                 ## The UI logic elsewhere enforces that $project.name must start with a letter, followed by any number
                 ## of letters, digits, '-' or '_'. Escape it just to play it safe.
                 ## todo: make escaping the default.
-                <h4><a href="${context}/manager?project=${project.name}">esc.html($project.name)</a></h4>
+                <h4><a href="${context}/manager?project=${project.name}">$esc.html($project.name)</a></h4>
                 <p class="project-description">$esc.html($project.description)</p>
                 <p class="project-last-modified">Last modified on <strong>$utils.formatDate($project.lastModifiedTimestamp)</strong> by <strong>$project.lastModifiedUser</strong>.</p>
               </div>
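Review bot: `$project.lastModifiedUser` on the last-modified line is still written into the page unescaped, unlike the name and description beside it. Whether user names can carry markup is not visible from this hunk, but if they can come from an external user store this is the same output-encoding gap the commit closes for the name; `<strong>$esc.html($project.lastModifiedUser)</strong>` would make the row consistent. The `href` also interpolates `${project.name}` raw into the query string, so it depends entirely on the name validation that the comment says is enforced elsewhere. Encoding the value there as well would match the "escape it just to play it safe" intent. The enclosing markup and loop begin outside the hunk.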
diff --git a/azkaban-webserver/src/test/expected/project-side-bar.html b/azkaban-webserver/src/test/expected/project-side-bar.html
index a41e5da..904cadc 100644
--- a/azkaban-webserver/src/test/expected/project-side-bar.html
+++ b/azkaban-webserver/src/test/expected/project-side-bar.html
@@ -3,7 +3,7 @@
 
           <div class="well" id="project-sidebar">
             <h3>test_project</h3>
-            <p class="editable" id="project-description">&lt;script&gt;window.echo(&quot;hacked&quot;)&lt;/script&gt;</p>
+            <p class="editable" id="project-description">&lt;script&gt;window.alert(&quot;hacked&quot;)&lt;/script&gt;</p>
             <div id="project-description-form" class="editable-form">
               <div class="input-group">
                 <input type="text" class="form-control input-sm" id="project-description-edit" placeholder="Project description">
diff --git a/azkaban-webserver/src/test/java/azkaban/webapp/servlet/ProjectSideBarViewTest.java b/azkaban-webserver/src/test/java/azkaban/webapp/servlet/ProjectSideBarViewTest.java
index 1bbbf5e..134387c 100644
--- a/azkaban-webserver/src/test/java/azkaban/webapp/servlet/ProjectSideBarViewTest.java
+++ b/azkaban-webserver/src/test/java/azkaban/webapp/servlet/ProjectSideBarViewTest.java
@@ -30,7 +30,7 @@ public class ProjectSideBarViewTest {
     Project project = MockProject.getMockProject();
 
     // Intentionally tries to inject a Javascript.
-    project.setDescription("<script>window.echo(\"hacked\")</script>");
+    project.setDescription("<script>window.alert(\"hacked\")</script>");
 
     context.put("project", project);
     context.put("admins", "admin_name");
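Review bot: The index.vm fix has no regression test in this commit; the only test touched still covers just the description field of the side-bar view. Before the fix the template emitted the literal text `esc.html(` followed by the raw project name, which an expected-output comparison like the one against `project-side-bar.html` would have caught. An equivalent rendered-output test for the index page, using a name and description that contain markup, seems worth adding. The comment could also state what is asserted, e.g. `// The description must be HTML-escaped in the rendered view; compare with expected/project-side-bar.html.` The test method starts and ends outside the hunk.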