Skip to content
This repository was archived by the owner on Mar 24, 2025. It is now read-only.

Commit 318fac5

Browse files
author
Denes Bodo
committed
OOZIE-3718 Improve Oozie Web UI filtering (NikhilDaf via dionusos)
1 parent 3c614c7 commit 318fac5

File tree

1 file changed

+28
-6
lines changed

1 file changed

+28
-6
lines changed

webapp/src/main/webapp/oozie-console.js

Lines changed: 28 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -204,8 +204,30 @@ function getCustomFilter() {
204204
return filter;
205205
}
206206

207-
function convertStatusToUpperCase(filterText) {
208-
var converted = filterText.replace(/status=([a-zA-Z]+)/g, function(){
207+
// code imported and modified from Handlebars escapeExpression utility
208+
const escape = {
209+
'&': '&',
210+
'<': '&lt;',
211+
'>': '&gt;',
212+
'`': '&#x60;',
213+
};
214+
215+
function escapeChar(chr) {
216+
return escape[chr];
217+
}
218+
219+
const badChars = /[&<>`]/g,
220+
possible = /[&<>`]/;
221+
222+
function escapeExpression(text) {
223+
if (!possible.test(text)) {
224+
return text;
225+
}
226+
return text.replace(badChars, escapeChar);
227+
}
228+
229+
function convertStatusToUpperCaseAndEscapeHtml(filterText) {
230+
var converted = escapeExpression(filterText).replace(/status=([a-zA-Z]+)/g, function(){
209231
var text = arguments[1];
210232
return "status="+ text.toUpperCase();
211233
});
@@ -2618,7 +2640,7 @@ var changeFilterAction = new Ext.Action({
26182640
handler: function() {
26192641
Ext.Msg.prompt('Filter Criteria', 'Filter text:', function(btn, text) {
26202642
if (btn == 'ok' && text) {
2621-
var filter = convertStatusToUpperCase(text);
2643+
var filter = convertStatusToUpperCaseAndEscapeHtml(text);
26222644
refreshCustomJobsAction.setText(filter);
26232645
Ext.state.Manager.setProvider(new Ext.state.CookieProvider({
26242646
expires: new Date(new Date().getTime()+315569259747)
@@ -2637,7 +2659,7 @@ var changeCoordFilterAction = new Ext.Action({
26372659
handler: function() {
26382660
Ext.Msg.prompt('Filter Criteria', 'Filter text:', function(btn, text) {
26392661
if (btn == 'ok' && text) {
2640-
var filter = convertStatusToUpperCase(text);
2662+
var filter = convertStatusToUpperCaseAndEscapeHtml(text);
26412663
refreshCoordCustomJobsAction.setText(filter);
26422664
Ext.state.Manager.setProvider(new Ext.state.CookieProvider({
26432665
expires: new Date(new Date().getTime()+315569259747)
@@ -2656,7 +2678,7 @@ var changeBundleFilterAction = new Ext.Action({
26562678
handler: function() {
26572679
Ext.Msg.prompt('Filter Criteria', 'Filter text:', function(btn, text) {
26582680
if (btn == 'ok' && text) {
2659-
var filter = convertStatusToUpperCase(text);
2681+
var filter = convertStatusToUpperCaseAndEscapeHtml(text);
26602682
refreshBundleCustomJobsAction.setText(filter);
26612683
Ext.state.Manager.setProvider(new Ext.state.CookieProvider({
26622684
expires: new Date(new Date().getTime()+315569259747)
@@ -3231,7 +3253,7 @@ function initConsole() {
32313253
Ext.state.Manager.setProvider(new Ext.state.CookieProvider({
32323254
expires: new Date(new Date().getTime()+315569259747) // about 10 years from now!
32333255
}));
3234-
var upper_value = convertStatusToUpperCase(value);
3256+
var upper_value = convertStatusToUpperCaseAndEscapeHtml(value);
32353257
Ext.state.Manager.set("GlobalCustomFilter", upper_value);
32363258
}
32373259
}}

0 commit comments

Comments
 (0)