List of usage examples for org.apache.commons.lang3 StringEscapeUtils escapeHtml4
public static final String escapeHtml4(final String input)
Escapes the characters in a String using HTML entities.
For example:
"bread" & "butter"
"bread" & "butter".
From source file:no.kantega.publishing.api.taglibs.mini.FormTag.java
@Override public int doAfterBody() throws JspException { HttpServletRequest request = (HttpServletRequest) pageContext.getRequest(); Content currentEditContent = (Content) request.getAttribute(AdminSessionAttributes.CURRENT_EDIT_CONTENT); Boolean hearingEnabled = (Boolean) request.getAttribute("hearingEnabled"); SecuritySession session = SecuritySession.getInstance(request); boolean canApprove = session.isAuthorized(currentEditContent, Privilege.APPROVE_CONTENT); ContentStatus contentStatus = (canApprove) ? ContentStatus.PUBLISHED : ContentStatus.WAITING_FOR_APPROVAL; if (action == null) { action = request.getContextPath() + "/admin/publish/SimpleEditContent.action"; }//from w ww. j a va 2s . c o m String redirectUrl = request.getParameter("redirectUrl"); String draftRedirectUrl = request.getParameter("draftRedirectUrl"); String cancelUrl = request.getParameter("cancelUrl"); if (cancelUrl == null) { cancelUrl = redirectUrl; } try { String body = bodyContent.getString(); JspWriter out = bodyContent.getEnclosingWriter(); //TODO: Improvement: Use the page's language if this is one of Flyt CMS' supported admin languages. Locale locale = Aksess.getDefaultAdminLocale(); out.write("<script type=\"text/javascript\">" + "var hasSubmitted = false;" + "function saveContent(status) {" + " if (!hasSubmitted) {" + " hasSubmitted=true;" + " document.myform.status.value=status;" + " document.myform.submit();" + " }" + "}" + "</script>"); if (!hideInfoMessages) { if (!canApprove) { out.write("<div class=\"ui-state-highlight\">" + LocaleLabels.getLabel("aksess.simpleedit.approvereminder", locale) + "</div>"); } if (currentEditContent.getStatus() == ContentStatus.DRAFT && currentEditContent.getVersion() > 1) { out.write("<div class=\"ui-state-highlight\">" + LocaleLabels.getLabel("aksess.simpleedit.editdraft", locale) + "</div>"); } } out.write("<form name=\"myform\" id=\"EditContentForm\" action=\"" + action + "\" method=\"post\" enctype=\"multipart/form-data\">" + " <input type=\"hidden\" id=\"ContentStatus\" name=\"status\" value=\"" + contentStatus + "\">" + " <input type=\"hidden\" name=\"currentId\" value=\"" + currentEditContent.getId() + "\">" + " <input type=\"hidden\" id=\"ContentIsModified\" name=\"isModified\" value=\"true\">" + " <input type=\"hidden\" id=\"AddRepeaterRow\" name=\"addRepeaterRow\" value=\"\">" + " <input type=\"hidden\" id=\"DeleteRepeaterRow\" name=\"deleteRepeaterRow\" value=\"\">"); if (allowDraft && isNotBlank(redirectUrl)) { out.write(" <input type=\"hidden\" name=\"redirectUrl\" value=\"" + StringEscapeUtils.escapeHtml4(redirectUrl) + "\">"); } if (isNotBlank(draftRedirectUrl)) { out.write(" <input type=\"hidden\" name=\"draftRedirectUrl\" value=\"" + StringEscapeUtils.escapeHtml4(draftRedirectUrl) + "\">"); } if (isNotBlank(cancelUrl)) { out.write(" <input type=\"hidden\" name=\"cancelUrl\" value=\"" + StringEscapeUtils.escapeHtml4(cancelUrl) + "\">"); } out.write(body); String submitButtonLabel = (canApprove) ? LocaleLabels.getLabel("aksess.button.publish", locale) : LocaleLabels.getLabel("aksess.button.save", locale); out.write(" <input class=\"editContentButton submit\" type=\"button\" value=\"" + submitButtonLabel + "\" onclick=\"saveContent(" + ContentStatus.PUBLISHED.getTypeAsInt() + ")\">"); if (allowDraft) { out.write(" <input class=\"editContentButton draft\" type=\"button\" value=\"" + LocaleLabels.getLabel("aksess.button.savedraft", locale) + "\" onclick=\"saveContent(" + ContentStatus.DRAFT.getTypeAsInt() + ")\">"); } if (hearingEnabled != null && hearingEnabled) { String url = "openaksess.common.modalWindow.open({title:'" + LocaleLabels.getLabel("aksess.hearing.title", locale) + "', iframe:true, href: '" + request.getContextPath() + "/admin/publish/popups/SaveHearing.action' ,width: 600, height:550});"; out.write(" <input class=\"editContentButton hearing\" type=\"button\" value=\"" + LocaleLabels.getLabel("aksess.button.hearing", locale) + "\" onclick=\"" + url + "\">"); } String cancelAction = request.getContextPath() + "/SimpleEditCancel.action"; if (cancelUrl != null && cancelUrl.trim().length() > 0) { cancelAction = cancelAction + "?redirectUrl=" + cancelUrl; } out.write(" <input class=\"editContentButton cancel\" type=\"button\" value=\"" + LocaleLabels.getLabel("aksess.button.cancel", locale) + "\" onclick=\"window.location.href ='" + cancelAction + "'\">"); if (showattachmentmodal) { String url = "openaksess.common.modalWindow.open({title:'" + LocaleLabels.getLabel("aksess.tab.attachments", locale) + "', iframe:true, href: '" + request.getContextPath() + "/admin/publish/popups/ShowAttachments.action?contentId=" + currentEditContent.getId() + "' ,width: 600, height:550});"; out.write(" <input class=\"editContentButton attachments\" type=\"button\" value=\"" + LocaleLabels.getLabel("aksess.tab.attachments", locale) + "\" onclick=\"" + url + "\">"); } out.write("</form>"); allowDraft = false; } catch (IOException e) { log.error("", e); } return SKIP_BODY; }
From source file:no.kantega.publishing.security.action.LoginAction.java
public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception { String username = request.getParameter("j_username"); String domain = request.getParameter("j_domain"); String password = request.getParameter("j_password"); String redirect = defaultString(request.getParameter("redirect"), Aksess.getContextPath()); String rememberMe = request.getParameter("remember_me"); if (loginRequireSsl && !request.isSecure()) { return redirectToSecure(request); }// w ww. j a va 2s .co m // If login page is secure, redirect to secure page after logging in if (request.isSecure() && redirect.startsWith("http:")) { redirect = redirect.replaceFirst("http:", "https:"); } // Checks if no roles exists and redirects to setup page if (!rolesExists) { return new ModelAndView(new RedirectView(Aksess.getContextPath() + "/CreateInitialUser.action")); } ResetPasswordTokenManager resetPasswordTokenManager = getResetPasswordTokenManager(); Map<String, Object> model = new HashMap<>(); model.put("redirect", StringEscapeUtils.escapeHtml4(redirect)); model.put("username", StringEscapeUtils.escapeHtml4(username)); model.put("loginLayout", getLoginLayout()); if (Aksess.isSecurityAllowPasswordReset() && resetPasswordTokenManager != null) { model.put("allowPasswordReset", true); } if (username != null && password != null) { Identity identity = DefaultIdentity.withDomainAndUserId(domain, username); boolean blockedUser = userLoginRestrictor.isBlocked(username); boolean blockedIp = ipLoginRestrictor.isBlocked(request.getRemoteAddr()); if (blockedUser || blockedIp) { // User or ip should be blocked, to many login attempts if (blockedUser) { model.put("blockedUser", Boolean.TRUE); log.info("Too many attempts. User is blocked from login:" + username); } else { model.put("blockedIP", Boolean.TRUE); log.info("Too many attempts. IP-adress is blocked from login:" + request.getRemoteAddr()); } } else { PasswordManager passwordManager = getPasswordManager(domain); if (passwordManager == null) { throw new ConfigurationException("PasswordManager == null for domain " + domain + ""); } if (passwordManager.verifyPassword(identity, password)) { log.info("Verified password for " + identity.getUserId()); if (twoFactorAuthenticationEnabled()) { return handleTwoFactorAuthentication(identity, model); } else { LoginHelper.registerSuccessfulLogin(userLoginRestrictor, ipLoginRestrictor, request, username, domain); boolean rememberMeEnabled = configuration.getBoolean("security.login.rememberme.enabled", false); if (rememberMeEnabled && rememberMe != null && rememberMe.equals("on")) { rememberMeHandler.rememberUser(response, username, domain); } return new ModelAndView(new RedirectView(redirect)); } } else { // Register failed login userLoginRestrictor.registerLoginAttempt(username, false); ipLoginRestrictor.registerLoginAttempt(request.getRemoteAddr(), false); eventLog.log(username, request.getRemoteAddr(), Event.FAILED_LOGIN, username, null); model.put("loginfailed", Boolean.TRUE); } } } return new ModelAndView(loginView, model); }
From source file:no.kantega.publishing.security.action.LoginTokenAction.java
@RequestMapping(value = "/LoginToken.action", method = RequestMethod.POST) public ModelAndView handleLoginToken(HttpServletRequest request, @RequestParam String username, @RequestParam String domain, @RequestParam String logintoken, @RequestParam String redirect) { Identity identity = DefaultIdentity.withDomainAndUserId(domain, username); Map<String, Object> model = new HashMap<>(); if (loginTokenRestrictor.isBlocked(username)) { model.put("blockedUser", true); } else {//from w w w . j a v a 2 s.com LoginTokenVerification tokenVerification = loginTokenManager.verifyLoginToken(identity, new DefaultLoginToken(logintoken)); switch (tokenVerification) { case VALID: return handleValidToken(request, identity, redirect); case INVALID: handleInvalidToken(model, identity); break; case EXPIRED: handleExpiredToken(model); break; } } model.put("redirect", StringEscapeUtils.escapeHtml4(redirect)); model.put("username", StringEscapeUtils.escapeHtml4(username)); return new ModelAndView(twofactorAuthView, model); }
From source file:org.ambraproject.rhino.service.impl.ArticleCrudServiceImpl.java
/** * {@inheritDoc}//from w w w . j a v a 2s . c om * * @param articleId */ @Override public String getRawCategoriesAndText(final ArticleIdentifier articleId) throws IOException { Article article = readArticle(articleId); ArticleRevision revision = readLatestRevision(article); Document manuscriptXml = getManuscriptXml(revision.getIngestion()); List<String> rawTermsAndText = taxonomyService.getRawTerms(manuscriptXml, article, true /*isTextRequired*/); StringBuilder cleanedTermsAndText = new StringBuilder(); cleanedTermsAndText.append("<pre>"); // HTML-escape the text, which is in the first element of the result array cleanedTermsAndText.append(StringEscapeUtils.escapeHtml4(rawTermsAndText.get(0))); cleanedTermsAndText.append("\n"); for (int i = 1; i < rawTermsAndText.size(); i++) { String term = rawTermsAndText.get(i).replaceAll("<TERM>", "").replaceAll("</TERM>", ""); cleanedTermsAndText.append("\n"); cleanedTermsAndText.append(term); } cleanedTermsAndText.append("</pre>"); return cleanedTermsAndText.toString(); }
From source file:org.apache.asterix.common.config.ConfigUsageTest.java
private StringBuilder center(StringBuilder buf, String string, int width) { if (string == null) { string = ""; }// w ww . j a v a 2s . c o m string = StringEscapeUtils.escapeHtml4(string); int pad = width - string.length(); int leftPad = pad / 2; for (int i = leftPad; i > 0; i--) { buf.append(' '); } buf.append(string); for (int i = pad - leftPad; i > 0; i--) { buf.append(' '); } return buf; }
From source file:org.apache.asterix.common.config.ConfigUsageTest.java
private StringBuilder pad(StringBuilder buf, String string, int width, char padChar) { if (string == null) { string = ""; }//from www .ja va 2 s . c om string = StringEscapeUtils.escapeHtml4(string); buf.append(string); for (int i = width - string.length(); i > 0; i--) { buf.append(padChar); } return buf; }
From source file:org.apache.chemistry.opencmis.server.impl.webservices.CmisWebServicesServlet.java
private void printPage(HttpServletRequest request, HttpServletResponse response, UrlBuilder baseUrl) throws ServletException, IOException { response.setStatus(HttpServletResponse.SC_OK); response.setContentType("text/html"); response.setCharacterEncoding(IOUtils.UTF8); String urlEscaped = StringEscapeUtils .escapeHtml4((new UrlBuilder(baseUrl)).addPath("cmis").addParameter("wsdl").toString()); PrintWriter pw = response.getWriter(); pw.print("<html><head><title>Apache Chemistry OpenCMIS - CMIS " + cmisVersion.value() + " Web Services</title>" + "<style><!--H1 {font-size:24px;line-height:normal;font-weight:bold;background-color:#f0f0f0;color:#003366;border-bottom:1px solid #3c78b5;padding:2px;} " + "BODY {font-family:Verdana,arial,sans-serif;color:black;font-size:14px;} " + "HR {color:#3c78b5;height:1px;}--></style></head><body>"); pw.print("<h1>CMIS " + cmisVersion.value() + " Web Services</h1>"); pw.print("<p>CMIS WSDL for all services: <a href=\"" + urlEscaped + "\">" + urlEscaped + "</a></p>"); pw.print("</html></body>"); pw.flush();/*from w ww . j av a 2 s. com*/ }
From source file:org.apache.cloud.rdf.web.sail.RdfController.java
private void performUpdate(final String query, final SailRepositoryConnection conn, final ServletOutputStream os, final String infer, final String vis) throws RepositoryException, MalformedQueryException, IOException { final Update update = conn.prepareUpdate(QueryLanguage.SPARQL, query); if (infer != null && infer.length() > 0) { update.setBinding(RdfCloudTripleStoreConfiguration.CONF_INFER, VALUE_FACTORY.createLiteral(Boolean.parseBoolean(infer))); }/*from w ww . j a v a 2 s . c om*/ if (conn.getSailConnection() instanceof RdfCloudTripleStoreConnection && vis != null) { final RdfCloudTripleStoreConnection<?> sailConnection = (RdfCloudTripleStoreConnection<?>) conn .getSailConnection(); sailConnection.getConf().set(RdfCloudTripleStoreConfiguration.CONF_CV, vis); } final long startTime = System.currentTimeMillis(); try { update.execute(); } catch (final UpdateExecutionException e) { final String message = "Update could not be successfully completed for query: "; os.print(String.format(message + "%s\n\n", StringEscapeUtils.escapeHtml4(query))); log.error(message + LogUtils.clean(query), e); } log.info(String.format("Update Time = %.3f\n", (System.currentTimeMillis() - startTime) / 1000.)); }
From source file:org.apache.flink.client.program.Client.java
public OptimizedPlan getOptimizedPlan(PackagedProgram prog, int parallelism) throws CompilerException, ProgramInvocationException { Thread.currentThread().setContextClassLoader(prog.getUserCodeClassLoader()); if (prog.isUsingProgramEntryPoint()) { return getOptimizedPlan(prog.getPlanWithJars(), parallelism); } else if (prog.isUsingInteractiveMode()) { // temporary hack to support the optimizer plan preview OptimizerPlanEnvironment env = new OptimizerPlanEnvironment(this.compiler); if (parallelism > 0) { env.setDegreeOfParallelism(parallelism); }/*from w w w .ja v a2 s . c o m*/ env.setAsContext(); // temporarily write syser and sysout to bytearray. PrintStream originalOut = System.out; PrintStream originalErr = System.err; ByteArrayOutputStream baos = new ByteArrayOutputStream(); System.setOut(new PrintStream(baos)); ByteArrayOutputStream baes = new ByteArrayOutputStream(); System.setErr(new PrintStream(baes)); try { ContextEnvironment.disableLocalExecution(); prog.invokeInteractiveModeForExecution(); } catch (ProgramInvocationException e) { throw e; } catch (Throwable t) { // the invocation gets aborted with the preview plan if (env.optimizerPlan != null) { return env.optimizerPlan; } else { throw new ProgramInvocationException("The program caused an error: ", t); } } finally { System.setOut(originalOut); System.setErr(originalErr); System.err.println(baes); System.out.println(baos); } throw new ProgramInvocationException( "The program plan could not be fetched. The program silently swallowed the control flow exceptions.\n" + "System.err: " + StringEscapeUtils.escapeHtml4(baes.toString()) + " \n" + "System.out: " + StringEscapeUtils.escapeHtml4(baos.toString()) + " \n"); } else { throw new RuntimeException(); } }
From source file:org.apache.flink.client.web.JobSubmissionServlet.java
@Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String action = req.getParameter(ACTION_PARAM_NAME); if (checkParameterSet(resp, action, "action")) { return;//w ww .j av a 2 s . co m } // decide according to the action if (action.equals(ACTION_SUBMIT_VALUE)) { // --------------- submit a job ------------------- // get the parameters String options = req.getParameter(OPTIONS_PARAM_NAME); String jobName = req.getParameter(JOB_PARAM_NAME); String assemblerClass = req.getParameter(CLASS_PARAM_NAME); String arguments = req.getParameter(ARGUMENTS_PARAM_NAME); String showPlan = req.getParameter(SHOW_PLAN_PARAM_NAME); String suspendPlan = req.getParameter(SUSPEND_PARAM_NAME); // check that parameters are set // do NOT check 'options' or 'assemblerClass' -> it is OK if not set if (checkParameterSet(resp, jobName, JOB_PARAM_NAME) || checkParameterSet(resp, arguments, ARGUMENTS_PARAM_NAME) || checkParameterSet(resp, showPlan, SHOW_PLAN_PARAM_NAME) || checkParameterSet(resp, suspendPlan, SUSPEND_PARAM_NAME)) { return; } boolean show = Boolean.parseBoolean(showPlan); boolean suspend = Boolean.parseBoolean(suspendPlan); List<String> cliOptions; try { cliOptions = tokenizeArguments(options); } catch (IllegalArgumentException iaex) { showErrorPage(resp, "Flink options contain an unterminated quoted string."); return; } List<String> cliArguments; try { cliArguments = tokenizeArguments(arguments); } catch (IllegalArgumentException iaex) { showErrorPage(resp, "Program arguments contain an unterminated quoted string."); return; } String[] args = new String[1 + (assemblerClass == null ? 0 : 2) + cliOptions.size() + 1 + cliArguments.size()]; List<String> parameters = new ArrayList<String>(args.length); parameters.add(CliFrontend.ACTION_INFO); parameters.addAll(cliOptions); if (assemblerClass != null) { parameters.add("-" + CliFrontendParser.CLASS_OPTION.getOpt()); parameters.add(assemblerClass); } parameters.add(jobStoreDirectory + File.separator + jobName); parameters.addAll(cliArguments); FlinkPlan optPlan; try { this.cli.parseParameters(parameters.toArray(args)); optPlan = this.cli.getFlinkPlan(); if (optPlan == null) { // wrapping hack to get this exception handled correctly by following catch block throw new RuntimeException(new Exception("The optimized plan could not be produced.")); } } catch (RuntimeException e) { Throwable t = e.getCause(); if (t instanceof ProgramInvocationException) { // collect the stack trace StringWriter sw = new StringWriter(); PrintWriter w = new PrintWriter(sw); if (t.getCause() == null) { t.printStackTrace(w); } else { t.getCause().printStackTrace(w); } String message = sw.toString(); message = StringEscapeUtils.escapeHtml4(message); showErrorPage(resp, "An error occurred while invoking the program:<br/><br/>" + t.getMessage() + "<br/>" + "<br/><br/><pre>" + message + "</pre>"); return; } else if (t instanceof CompilerException) { // collect the stack trace StringWriter sw = new StringWriter(); PrintWriter w = new PrintWriter(sw); t.printStackTrace(w); String message = sw.toString(); message = StringEscapeUtils.escapeHtml4(message); showErrorPage(resp, "An error occurred in the compiler:<br/><br/>" + t.getMessage() + "<br/>" + (t.getCause() != null ? "Caused by: " + t.getCause().getMessage() : "") + "<br/><br/><pre>" + message + "</pre>"); return; } else { // collect the stack trace StringWriter sw = new StringWriter(); PrintWriter w = new PrintWriter(sw); t.printStackTrace(w); String message = sw.toString(); message = StringEscapeUtils.escapeHtml4(message); showErrorPage(resp, "An unexpected error occurred:<br/><br/>" + t.getMessage() + "<br/><br/><pre>" + message + "</pre>"); return; } } // redirect according to our options if (show) { // we have a request to show the plan // create a UID for the job Long uid; do { uid = Math.abs(this.rand.nextLong()); } while (this.submittedJobs.containsKey(uid)); // dump the job to a JSON file String planName = uid + ".json"; File jsonFile = new File(this.planDumpDirectory, planName); if (optPlan instanceof StreamingPlan) { ((StreamingPlan) optPlan).dumpStreamingPlanAsJSON(jsonFile); } else { PlanJSONDumpGenerator jsonGen = new PlanJSONDumpGenerator(); jsonGen.setEncodeForHTML(true); jsonGen.dumpOptimizerPlanAsJSON((OptimizedPlan) optPlan, jsonFile); } // submit the job only, if it should not be suspended if (!suspend) { parameters.set(0, CliFrontend.ACTION_RUN); try { this.cli.parseParameters(parameters.toArray(args)); } catch (RuntimeException e) { LOG.error("Error submitting job to the job-manager.", e.getCause()); showErrorPage(resp, e.getCause().getMessage()); return; } } else { this.submittedJobs.put(uid, this.cli.getJobGraph()); } // redirect to the plan display page resp.sendRedirect("showPlan?id=" + uid + "&suspended=" + (suspend ? "true" : "false")); } else { // don't show any plan. directly submit the job and redirect to the // runtime monitor parameters.set(0, CliFrontend.ACTION_RUN); try { this.cli.parseParameters(parameters.toArray(args)); } catch (RuntimeException e) { LOG.error("Error submitting job to the job-manager.", e.getCause()); // HACK: Is necessary because Message contains whole stack trace String errorMessage = e.getCause().getMessage().split("\n")[0]; showErrorPage(resp, errorMessage); return; } resp.sendRedirect(START_PAGE_URL); } } else if (action.equals(ACTION_RUN_SUBMITTED_VALUE)) { // --------------- run a job that has been submitted earlier, but was ------------------- // --------------- not executed because of a plan display ------------------- String id = req.getParameter("id"); if (checkParameterSet(resp, id, "id")) { return; } Long uid = null; try { uid = Long.parseLong(id); } catch (NumberFormatException nfex) { showErrorPage(resp, "An invalid id for the job was provided."); return; } // get the retained job JobGraph job = submittedJobs.remove(uid); if (job == null) { resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No job with the given uid was retained for later submission."); return; } // submit the job try { Client client = new Client(GlobalConfiguration.getConfiguration(), getClass().getClassLoader()); client.run(job, false); } catch (Exception ex) { LOG.error("Error submitting job to the job-manager.", ex); resp.setStatus(HttpServletResponse.SC_BAD_REQUEST); // HACK: Is necessary because Message contains whole stack trace String errorMessage = ex.getMessage().split("\n")[0]; resp.getWriter().print(errorMessage); // resp.sendError(HttpServletResponse.SC_BAD_REQUEST, ex.getMessage()); return; } // redirect to the start page resp.sendRedirect(START_PAGE_URL); } else if (action.equals(ACTION_BACK_VALUE)) { // remove the job from the map String id = req.getParameter("id"); if (checkParameterSet(resp, id, "id")) { return; } Long uid = null; try { uid = Long.parseLong(id); } catch (NumberFormatException nfex) { showErrorPage(resp, "An invalid id for the job was provided."); return; } // remove the retained job submittedJobs.remove(uid); // redirect to the start page resp.sendRedirect(START_PAGE_URL); } else { showErrorPage(resp, "Invalid action specified."); return; } }