Uploaded image for project: 'Chukwa'
  1. Chukwa
  2. CHUKWA-739

Update XSS filter to use actively maintained API

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.7.0
    • Fix Version/s: None
    • Component/s: User Interface
    • Labels:
      None

      Description

      HTML filter is kind of out dated. Chukwa should use more actively maintained XSS filter.

        Activity

        Hide
        eyang Eric Yang added a comment -

        ESAPI and Jsoup seems like good choice for updating XSS filter and available in maven central. ESAPI is BSD licensed, and Jsoup is MIT licensed.

        Show
        eyang Eric Yang added a comment - ESAPI and Jsoup seems like good choice for updating XSS filter and available in maven central. ESAPI is BSD licensed, and Jsoup is MIT licensed.
        Hide
        eyang Eric Yang added a comment -

        Updated XSSFilter to use actively maintained tools for filtering html and xss.

        Show
        eyang Eric Yang added a comment - Updated XSSFilter to use actively maintained tools for filtering html and xss.
        Hide
        eyang Eric Yang added a comment -

        I just committed this.

        Show
        eyang Eric Yang added a comment - I just committed this.
        Hide
        jira-bot ASF subversion and git services added a comment -

        Commit 1662975 from Eric Yang in branch 'chukwa/trunk'
        [ https://svn.apache.org/r1662975 ]

        CHUKWA-739. Update XSS Filter to use ESAPI and Jsoup. (Eric Yang)

        Show
        jira-bot ASF subversion and git services added a comment - Commit 1662975 from Eric Yang in branch 'chukwa/trunk' [ https://svn.apache.org/r1662975 ] CHUKWA-739 . Update XSS Filter to use ESAPI and Jsoup. (Eric Yang)
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Chukwa-trunk #524 (See https://builds.apache.org/job/Chukwa-trunk/524/)
        CHUKWA-739. Update XSS Filter to use ESAPI and Jsoup. (Eric Yang) (eyang: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1662975)

        • /chukwa/trunk/CHANGES.txt
        • /chukwa/trunk/NOTICE.txt
        • /chukwa/trunk/lib/html-filter-1.0.jar
        • /chukwa/trunk/pom.xml
        • /chukwa/trunk/src/main/java/org/apache/hadoop/chukwa/util/XssFilter.java
        • /chukwa/trunk/src/main/resources/ESAPI.properties
        • /chukwa/trunk/src/test/java/org/apache/hadoop/chukwa/util/TestXSSFilter.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Chukwa-trunk #524 (See https://builds.apache.org/job/Chukwa-trunk/524/ ) CHUKWA-739 . Update XSS Filter to use ESAPI and Jsoup. (Eric Yang) (eyang: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1662975 ) /chukwa/trunk/CHANGES.txt /chukwa/trunk/NOTICE.txt /chukwa/trunk/lib/html-filter-1.0.jar /chukwa/trunk/pom.xml /chukwa/trunk/src/main/java/org/apache/hadoop/chukwa/util/XssFilter.java /chukwa/trunk/src/main/resources/ESAPI.properties /chukwa/trunk/src/test/java/org/apache/hadoop/chukwa/util/TestXSSFilter.java
        Hide
        hudson Hudson added a comment -

        FAILURE: Integrated in Chukwa-trunk #527 (See https://builds.apache.org/job/Chukwa-trunk/527/)
        CHUKWA-739. Update XSS Filter to use ESAPI and Jsoup. (Eric Yang) (eyang: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1662975)

        • /chukwa/trunk/CHANGES.txt
        • /chukwa/trunk/NOTICE.txt
        • /chukwa/trunk/lib/html-filter-1.0.jar
        • /chukwa/trunk/pom.xml
        • /chukwa/trunk/src/main/java/org/apache/hadoop/chukwa/util/XssFilter.java
        • /chukwa/trunk/src/main/resources/ESAPI.properties
        • /chukwa/trunk/src/test/java/org/apache/hadoop/chukwa/util/TestXSSFilter.java
        Show
        hudson Hudson added a comment - FAILURE: Integrated in Chukwa-trunk #527 (See https://builds.apache.org/job/Chukwa-trunk/527/ ) CHUKWA-739 . Update XSS Filter to use ESAPI and Jsoup. (Eric Yang) (eyang: http://svn.apache.org/viewcvs.cgi/?root=Apache-SVN&view=rev&rev=1662975 ) /chukwa/trunk/CHANGES.txt /chukwa/trunk/NOTICE.txt /chukwa/trunk/lib/html-filter-1.0.jar /chukwa/trunk/pom.xml /chukwa/trunk/src/main/java/org/apache/hadoop/chukwa/util/XssFilter.java /chukwa/trunk/src/main/resources/ESAPI.properties /chukwa/trunk/src/test/java/org/apache/hadoop/chukwa/util/TestXSSFilter.java

          People

          • Assignee:
            eyang Eric Yang
            Reporter:
            eyang Eric Yang
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development