updated maven site to use reflow

jeremylong · jeremylong · commit 90be286ea76a · 2017-02-13T09:16:54.000-05:00
diff --git a/core/pom.xml b/core/pom.xml
@@ -49,7 +49,7 @@
     <artifactId>encoder</artifactId>
     <packaging>jar</packaging>
 
-    <name>OWASP Encoders</name>
+    <name>Java Encoder</name>
     <description>
         The OWASP Encoders package is a collection of high-performance low-overhead
         contextual encoders, that when utilized correctly, is an effective tool in
diff --git a/core/src/main/java/org/owasp/encoder/Encode.java b/core/src/main/java/org/owasp/encoder/Encode.java
diff --git a/core/src/site/markdown/index.md b/core/src/site/markdown/index.md
@@ -0,0 +1,35 @@
+## OWASP Java Encoder
+
+The OWASP Java Encoder is a collection of high-performance low-overhead
+contextual encoders that, when utilized correctly, is an effective tool in
+preventing Web Application security vulnerabilities such as Cross-Site
+Scripting (XSS).
+
+Please see the [OWASP XSS Prevention Cheat Sheet](https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet)
+for more information on preventing XSS.
+
+For use within JSP pages consider using the [JSP Encoder](../encoder-jsp/index.html) as it
+provides a TLD to make the use of the core encoders easier.
+
+### Usage
+
+The JARs can be found in [Maven Central](https://search.maven.org/#search%7Cga%7C1%7Cg%3A%22org.owasp.encoder%22).
+
+```xml
+<dependency>
+    <groupId>org.owasp.encoder</groupId>
+    <artifactId>encoder</artifactId>
+    <version>1.2.1</version>
+</dependency>
+```
+
+Utilize the encoder:
+
+```java
+import org.owasp.encoder.Encode;
+
+//...
+
+PrintWriter out = ....;
+out.println("<textarea>" + Encode.forHtml(userData) + "</textarea>");
+```
diff --git a/core/src/site/site.xml b/core/src/site/site.xml
@@ -36,22 +36,6 @@ OF THE POSSIBILITY OF SUCH DAMAGE.
 
 -->
 <project name="Encoder">
-    <bannerLeft>
-        <name>OWASP Java Encoder Project: CORE</name>
-		<title>OWASP Java Encoder Project: CORE</title>
-        <alt>OWASP Java Encoder Project: CORE</alt>
-        <src>../images/owasp.jpg</src>
-		<height>107</height>
-		<width>300</width>
-    </bannerLeft>
     <body>
-        <breadcrumbs>
-            <item name="OWASP Java Encoder Project" href="../index.html"/>
-        </breadcrumbs>
-        <!--menu name="Getting Started">
-            <item name="Installation" href="installation.html"/>
-            <item name="Usage" href="usage.html"/>
-        </menu-->
-        <menu ref="reports" />
     </body>
 </project>
diff --git a/esapi/pom.xml b/esapi/pom.xml
@@ -49,7 +49,7 @@
     <artifactId>encoder-esapi</artifactId>
     <packaging>jar</packaging>
 
-    <name>OWASP Encoders ESAPI Thunk</name>
+    <name>ESAPI Thunk</name>
     <description>
         The OWASP Encoders ESAPI Thunk provides an easy way to plugin the Encoder
         Projects API into an implementation of ESAPI.
diff --git a/esapi/src/site/site.xml b/esapi/src/site/site.xml
@@ -36,22 +36,6 @@ OF THE POSSIBILITY OF SUCH DAMAGE.
 
 -->
 <project name="ESAPI">
-    <bannerLeft>
-        <name>OWASP Java Encoder Project: ESAPI</name>
-		<title>OWASP Java Encoder Project: ESAPI</title>
-        <alt>OWASP Java Encoder Project: ESAPI</alt>
-        <src>../images/owasp.jpg</src>
-		<height>107</height>
-		<width>300</width>
-    </bannerLeft>
     <body>
-        <breadcrumbs>
-            <item name="OWASP Java Encoder Project" href="../index.html"/>
-        </breadcrumbs>
-        <!--menu name="Getting Started">
-            <item name="Installation" href="installation.html"/>
-            <item name="Usage" href="usage.html"/>
-        </menu-->
-        <menu ref="reports" />
-    </body>
+	</body>
 </project>
diff --git a/jsp/pom.xml b/jsp/pom.xml
@@ -49,7 +49,7 @@
     <artifactId>encoder-jsp</artifactId>
     <packaging>jar</packaging>
 
-    <name>OWASP Encoders JSP tags and EL functions</name>
+    <name>JSP Encoder</name>
     <description>
         The OWASP Encoder JSP package contains JSP tag definitions and TLDs to allow
         easy use of the OWASP Encoder Project's core API. The TLDs contain both tag
diff --git a/jsp/src/site/markdown/index.md b/jsp/src/site/markdown/index.md
@@ -0,0 +1,31 @@
+## OWASP JSP
+
+The OWASP JSP Encoder is a collection of high-performance low-overhead
+contextual encoders that, when utilized correctly, is an effective tool in
+preventing Web Application security vulnerabilities such as Cross-Site
+Scripting (XSS).
+
+Please see the [OWASP XSS Prevention Cheat Sheet](https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet)
+for more information on preventing XSS.
+
+### JSP Usage
+
+The JSP Encoder makes the use of the Java Encoder within JSP simple via a TLD that
+includes tags and a set of JSP EL functions:
+
+```xml
+<dependency>
+    <groupId>org.owasp.encoder</groupId>
+    <artifactId>encoder-jsp</artifactId>
+    <version>1.2.1</version>
+</dependency>
+```
+
+```JSP
+<%@taglib prefix="e" uri="https://www.owasp.org/index.php/OWASP_Java_Encoder_Project" %>
+
+<%-- ... --%>
+
+<p>Dynamic data via EL: ${e:forHtml(param.value)}</p>
+<p>Dynamic data via tag: <e:forHtml value="${param.value}" /></p>
+```
diff --git a/jsp/src/site/site.xml b/jsp/src/site/site.xml
@@ -36,22 +36,6 @@ OF THE POSSIBILITY OF SUCH DAMAGE.
 
 -->
 <project name="JSP">
-    <bannerLeft>
-        <name>OWASP Java Encoder Project: JSP</name>
-		<title>OWASP Java Encoder Project: JSP</title>
-        <alt>OWASP Java Encoder Project: JSP</alt>
-        <src>../images/owasp.jpg</src>
-		<height>107</height>
-		<width>300</width>
-    </bannerLeft>
     <body>
-        <breadcrumbs>
-            <item name="OWASP Java Encoder Project" href="../index.html"/>
-        </breadcrumbs>
-        <!--menu name="Getting Started">
-            <item name="Installation" href="installation.html"/>
-            <item name="Usage" href="usage.html"/>
-        </menu-->
-        <menu ref="reports" />
     </body>
 </project>
diff --git a/pom.xml b/pom.xml
@@ -45,7 +45,7 @@
     <version>1.2.1-SNAPSHOT</version>
     <packaging>pom</packaging>
 
-    <name>OWASP Encoders Parent</name>
+    <name>OWASP Java Encoder Project</name>
     <description>
         The OWASP Encoders package is a collection of high-performance low-overhead
         contextual encoders, that when utilized correctly, is an effective tool in
@@ -183,7 +183,7 @@
                 <plugin>
                     <groupId>org.codehaus.mojo</groupId>
                     <artifactId>cobertura-maven-plugin</artifactId>
-                    <version>2.7</version>
+                    <version>2.6</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -208,7 +208,26 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-site-plugin</artifactId>
-                    <version>3.5.1</version>
+                    <!-- upgrading beyond 3.4 may break the reflow skin -->
+                    <version>3.4</version>
+					<dependencies>
+						<dependency>
+						  <groupId>lt.velykis.maven.skins</groupId>
+						  <artifactId>reflow-velocity-tools</artifactId>
+						  <version>1.1.1</version>
+						</dependency>
+						<!-- Reflow skin requires Velocity >= 1.7  -->
+						<dependency>
+						  <groupId>org.apache.velocity</groupId>
+						  <artifactId>velocity</artifactId>
+						  <version>1.7</version>
+						</dependency>
+						<dependency>
+							<groupId>org.apache.maven.doxia</groupId>
+							<artifactId>doxia-module-markdown</artifactId>
+							<version>1.6</version>
+						</dependency>
+					</dependencies>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -308,21 +327,6 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-site-plugin</artifactId>
-                <dependencies>
-                    <dependency>
-                        <groupId>org.apache.maven.doxia</groupId>
-                        <artifactId>doxia-core</artifactId>
-                        <version>1.7</version>
-                    </dependency>
-                    <dependency>
-                        <groupId>org.apache.maven.doxia</groupId>
-                        <artifactId>doxia-module-markdown</artifactId>
-                        <version>1.7</version>
-                    </dependency>
-                </dependencies>
-                <configuration>
-                    <skipDeploy>true</skipDeploy>
-                </configuration>
             </plugin>
         </plugins>
     </build>
diff --git a/src/site/markdown/index.md b/src/site/markdown/index.md
@@ -0,0 +1,56 @@
+## OWASP Java Encoder Project
+
+The OWASP Java Encoder Project is a collection of high-performance low-overhead
+contextual encoders, that when utilized correctly, is an effective tool in
+preventing Web Application security vulnerabilities such as Cross-Site
+Scripting (XSS).
+
+Please see the [OWASP XSS Prevention Cheat Sheet](https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet)
+for more information on preventing XSS.
+
+### Usage
+
+In addition to the usage guidance below, more examples can be found on the [OWASP Java Encoder Project Wiki](https://www.owasp.org/index.php/OWASP_Java_Encoder_Project#tab=Use_the_Java_Encoder_Project).
+
+The JARs can be found in [Maven Central](https://search.maven.org/#search%7Cga%7C1%7Cg%3A%22org.owasp.encoder%22).
+
+```xml
+<dependency>
+    <groupId>org.owasp.encoder</groupId>
+    <artifactId>encoder</artifactId>
+    <version>1.2.1</version>
+</dependency>
+```
+
+Utilize the encoder:
+
+```java
+import org.owasp.encoder.Encode;
+
+//...
+
+PrintWriter out = ....;
+out.println("<textarea>" + Encode.forHtml(userData) + "</textarea>");
+```
+
+### JSP Usage
+
+The JSP Encoder makes the use of the Java Encoder within JSP simple via a TLD that
+includes tags and a set of JSP EL functions:
+
+```xml
+<dependency>
+    <groupId>org.owasp.encoder</groupId>
+    <artifactId>encoder-jsp</artifactId>
+    <version>1.2.1</version>
+</dependency>
+```
+
+```JSP
+<%@taglib prefix="e" uri="https://www.owasp.org/index.php/OWASP_Java_Encoder_Project" %>
+
+<%-- ... --%>
+
+<p>Dynamic data via EL: ${e:forHtml(param.value)}</p>
+<p>Dynamic data via tag: <e:forHtml value="${param.value}" /></p>
+```
diff --git a/src/site/site.xml b/src/site/site.xml
@@ -37,51 +37,56 @@ OF THE POSSIBILITY OF SUCH DAMAGE.
 -->
 <project name="OWASP Java Encoder Project">
     <skin>
-        <groupId>org.apache.maven.skins</groupId>
-        <artifactId>maven-fluido-skin</artifactId>
-        <version>1.6</version>
+		<groupId>lt.velykis.maven.skins</groupId>
+		<artifactId>reflow-maven-skin</artifactId>
+		<version>1.1.1</version>
     </skin>
-    <custom>
-        <fluidoSkin>
-            <sourceLineNumbersEnabled>true</sourceLineNumbersEnabled>
-            <sideBarEnabled>true</sideBarEnabled>
-            <gitHub>
-                <projectId>owasp/owasp-java-encoder</projectId>
-                <ribbonOrientation>right</ribbonOrientation>
-                <ribbonColor>gray</ribbonColor>
-            </gitHub>
-            <googlePlusOne />
-        </fluidoSkin>
-    </custom>
-    <bannerLeft>
+	<publishDate position="none" />
+    <version position="none" />
+	<bannerLeft>
         <name>OWASP Java Encoder Project</name>
 		<title>OWASP Java Encoder Project</title>
         <alt>OWASP Java Encoder Project</alt>
         <src>./images/owasp.jpg</src>
 		<height>107</height>
 		<width>300</width>
-	</bannerLeft>
+    </bannerLeft>
+    <custom>
+		<reflowSkin>
+			<theme>default</theme>
+			<highlightJs>true</highlightJs>
+			<highlightJsTheme>github</highlightJsTheme>   
+			<brand>
+				<name>${project.name}</name>
+				<href>https://www.owasp.org/index.php/OWASP_Java_Encoder_Project</href>				
+			</brand>
+			<skinAttribution>false</skinAttribution>
+			<toc>top</toc>
+			<tocTopMax>6</tocTopMax>
+			<topNav>Modules|Maven Documentation</topNav>
+			<bottomNav maxSpan="6" >
+				<column>Modules</column>
+				<column>Contribute</column>
+				<column>Maven Documentation</column>
+			</bottomNav>
+			<pages>
+                <index project="encoder" combine.self="override"></index>
+            </pages>
+		</reflowSkin>
+    </custom>
 
-    <publishDate position="right" />
-    <version position="right" />
-    <poweredBy>
-        <logo name="Maven" href="http://maven.apache.org/"
-              title="built with maven"
-              alt="built with maven"
-              img="/images/logos/build-by-maven-white.png"/>
-    </poweredBy>
     <body>
-        <head><![CDATA[
-        ]]></head>
-        <breadcrumbs>
-            <item name=" " href="#"/>
-        </breadcrumbs>
-        <menu ref="reports" />
-        <menu name="Modules">
-            <item name="Encoder" href="./encoder/index.html" />
-            <item name="JSP" href="./encoder-jsp/index.html" />
-            <item name="ESAPI Thunk" href="./encoder-esapi/index.html" />
-        </menu>
+		<menu name="Modules" inherit="bottom">
+			<item name="OWASP Encoders" href="./index.html" />
+			<item name="Java Encoder" href="./encoder/index.html" />
+			<item name="JSP Encoder" href="./encoder-jsp/index.html" />
+			<item name="ESAPI Thunk" href="./encoder-esapi/index.html" />
+		</menu>
+        <menu name="Maven Documentation" ref="reports" inherit="bottom" />
+		<menu name="Contribute" inherit="bottom">
+		  <item name="Issues" href="https://github.com/OWASP/owasp-java-encoder/issues" />
+		  <item name="Fork on GitHub" href="https://github.com/OWASP/owasp-java-encoder" />
+		</menu>
         <footer>Copyright � 2011-2017 OWASP. All Rights Reserved.</footer>
     </body>
 </project>
