Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-17558

ZK dumping jsp should escape html

    Details

      Description

      Right now the ZK status page in the master dumps data from ZK using ZKUtil without doing any processing to e.g. escape HTML entities.

      ie.:

              <div class="container-fluid content">
                  <div class="row inner_header">
                      <div class="page-header">
                          <h1>ZooKeeper Dump</h1>
                      </div>
                  </div>
                  <div class="row">
                      <div class="span12">
                          <pre><%= ZKUtil.dump(watcher).trim() %></pre>
                      </div>
                  </div>
              </div>
      

      current url: https://github.com/apache/hbase/blob/master/hbase-server/src/main/resources/hbase-webapps/master/zk.jsp#L83

        Attachments

          Activity

            People

            • Assignee:
              busbey Sean Busbey
              Reporter:
              busbey Sean Busbey
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: