Skip to content

Commit

Permalink
sanitize in setters
Browse files Browse the repository at this point in the history
  • Loading branch information
@snoopdave
snoopdave committed Feb 6, 2024
1 parent e4bef8c commit dc4dfe0
Show file tree
Hide file tree
Showing 5 changed files with 3 additions and 25 deletions.
3 changes: 0 additions & 3 deletions app/src/main/java/org/apache/roller/weblogger/business/jpa/JPABookmarkManagerImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,6 @@ public void removeBookmark(WeblogBookmark bookmark) throws WebloggerException {

@Override
public void saveFolder(WeblogBookmarkFolder folder) throws WebloggerException {
folder.sanitize();

// If new folder make sure name is unique
if ((folder.getId() == null || this.getFolder(folder.getId()) == null) && isDuplicateFolderName(folder)) {
Expand Down Expand Up @@ -150,7 +149,6 @@ public void importBookmarks(
WeblogBookmarkFolder newFolder = getFolder(website, folderName);
if (newFolder == null) {
newFolder = new WeblogBookmarkFolder(folderName, website);
newFolder.sanitize();
this.strategy.store(newFolder);
}

Expand Down Expand Up @@ -212,7 +210,6 @@ private void importOpmlElement(
url,
xmlUrl,
null);
bd.sanitize();
folder.addBookmark(bd);
this.strategy.store(bd);
}
Expand Down
2 changes: 0 additions & 2 deletions app/src/main/java/org/apache/roller/weblogger/business/jpa/JPAUserManagerImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,6 @@ public void release() {}

@Override
public void saveUser(User user) throws WebloggerException {
user.sanitize();
this.strategy.store(user);
}

Expand Down Expand Up @@ -114,7 +113,6 @@ public void addUser(User newUser) throws WebloggerException {
throw new WebloggerException("error.add.user.userNameInUse");
}

newUser.sanitize();
this.strategy.store(newUser);

grantRole("editor", newUser);
Expand Down
5 changes: 0 additions & 5 deletions app/src/main/java/org/apache/roller/weblogger/pojos/User.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -241,11 +241,6 @@ public boolean hasGlobalPermissions(List<String> actions) {
}
}

public void sanitize() {
setFullName(HTMLSanitizer.conditionallySanitize(getFullName()));
setScreenName(HTMLSanitizer.conditionallySanitize(getScreenName()));
}

//------------------------------------------------------- Good citizenship

@Override
Expand Down
10 changes: 2 additions & 8 deletions app/src/main/java/org/apache/roller/weblogger/pojos/WeblogBookmark.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@ public String getName() {
}

public void setName(String name) {
this.name = name;
this.name = HTMLSanitizer.conditionallySanitize(name);
}

/**
Expand All @@ -105,7 +105,7 @@ public String getDescription() {
}

public void setDescription(String description) {
this.description = description;
this.description = HTMLSanitizer.conditionallySanitize(description);
}

/**
Expand Down Expand Up @@ -146,12 +146,6 @@ public void setFeedUrl(String feedUrl) {
this.feedUrl = feedUrl;
}

public void sanitize() {
// Conditionally sanitize fields not validated by Struts Validator
setName(HTMLSanitizer.conditionallySanitize(this.name));
setDescription(this.description == null ? "" : HTMLSanitizer.conditionallySanitize(this.description));
}

//---------------------------------------------------------- Relationships

public org.apache.roller.weblogger.pojos.WeblogBookmarkFolder getFolder() {
Expand Down
8 changes: 1 addition & 7 deletions app/src/main/java/org/apache/roller/weblogger/pojos/WeblogBookmarkFolder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@ public String getName() {
}

public void setName(String name) {
this.name = name;
this.name = HTMLSanitizer.conditionallySanitize(name);
}

/**
Expand Down Expand Up @@ -188,10 +188,4 @@ public List<WeblogBookmark> retrieveBookmarks() throws WebloggerException {
BookmarkManager bmgr = WebloggerFactory.getWeblogger().getBookmarkManager();
return bmgr.getBookmarks(this);
}

public void sanitize() {
// Conditionally sanitize fields not validated by Struts Validator
setName(HTMLSanitizer.conditionallySanitize(getName()));
}

}

0 comments on commit dc4dfe0

Please sign in to comment.