Author: dolander
Date: Mon Jan 17 11:04:32 2005
New Revision: 125433

URL: http://svn.apache.org/viewcvs?view=rev&rev=125433
Log:
Add a encodeHtml property to the Tree tag.  This will cause the label and 
content
to be escaped for HTML.



Added:
   incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageOne.html
   
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageThree.html
   incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageTwo.html
   
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/encodeContent.jsp
   
incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/tests/RichTreeEncodeContent.xml
Modified:
   
incubator/beehive/trunk/netui/src/tags-html/org/apache/beehive/netui/tags/tree/Tree.java
   
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/Controller.jpf
   incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/index.jsp
   
incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/config/testRecorder-tests.xml

Modified: 
incubator/beehive/trunk/netui/src/tags-html/org/apache/beehive/netui/tags/tree/Tree.java
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/src/tags-html/org/apache/beehive/netui/tags/tree/Tree.java?view=diff&rev=125433&p1=incubator/beehive/trunk/netui/src/tags-html/org/apache/beehive/netui/tags/tree/Tree.java&r1=125432&p2=incubator/beehive/trunk/netui/src/tags-html/org/apache/beehive/netui/tags/tree/Tree.java&r2=125433
==============================================================================
--- 
incubator/beehive/trunk/netui/src/tags-html/org/apache/beehive/netui/tags/tree/Tree.java
    (original)
+++ 
incubator/beehive/trunk/netui/src/tags-html/org/apache/beehive/netui/tags/tree/Tree.java
    Mon Jan 17 11:04:32 2005
@@ -114,7 +114,7 @@
     private String _tagId;                   // tag that should uniquely 
indentify a tree.  Required for multiple tree using auto expand
     private String[] _expanded = null;
     private boolean _runAtClient = false;    // run at client
-    private boolean _escapeLabels = false;  // esapce the content of labels
+    private boolean _escapeContent = false;  // esapce the content of labels
     private boolean _outputJavaScript = false; // cause the base javascript 
support to be output
 
     private InheritableState _iState = new InheritableState();
@@ -385,13 +385,13 @@
     /**
      * This attribue will cause the content of labels to be escaped when the 
value if <i>true</i>.
      * The default value is <i>false</i>.
-     * @param escapeLabels
+     * @param htmlEscape
      * @netui:attribute required="false"
      * description="When true the content of labels will be escaped for HTML."
      */
-    public void setEscapeLabels(boolean escapeLabels)
+    public void setEscapeForHtml(boolean htmlEscape)
     {
-        _escapeLabels = escapeLabels;
+        _escapeContent = htmlEscape;
     }
 
     /**
@@ -1012,6 +1012,12 @@
         // Render the label for this node (if any)
         String label = node.getLabel();
         if (label != null) {
+            if (_escapeContent) {
+                StringBuilder s = new StringBuilder(label.length() + 16);
+                StringBuilderRenderAppender sbAppend = new 
StringBuilderRenderAppender(sb);
+                HtmlUtils.filter(label, sbAppend);
+                label = s.toString();
+            }
             sb.append(label);
             sb.append("&nbsp;");
         }
@@ -1020,6 +1026,12 @@
         // if there is content then we should render that here...
         String ctnt = node.getContent();
         if (ctnt != null) {
+            if (_escapeContent) {
+                StringBuilder s = new StringBuilder(ctnt.length() + 16);
+                StringBuilderRenderAppender sbAppend = new 
StringBuilderRenderAppender(sb);
+                HtmlUtils.filter(ctnt, sbAppend);
+                ctnt = s.toString();
+            }
             sb.append("\n      ");
             sb.append(ctnt);
         }

Modified: 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/Controller.jpf
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/Controller.jpf?view=diff&rev=125433&p1=incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/Controller.jpf&r1=125432&p2=incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/Controller.jpf&r2=125433
==============================================================================
--- 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/Controller.jpf  
    (original)
+++ 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/Controller.jpf  
    Mon Jan 17 11:04:32 2005
@@ -769,6 +769,7 @@
     private TreeElement _tree17;
     private TreeElement _tree18;
     private TreeElement _tree19;
+    private TreeElement _tree20;
 
 
     private String _expand = "&nbsp;";
@@ -924,6 +925,14 @@
     public void setTree19(TreeElement tn) {
         _tree19 = tn;
     }
+
+    public TreeElement getTree20() {
+        return _tree20;
+    }
+
+    public void setTree20(TreeElement tn) {
+        _tree20 = tn;
+    }
     
     
     //************************************************************************
@@ -1154,6 +1163,7 @@
         _tree17 = null;
         _tree18 = null;
         _tree19 = null;
+        _tree20 = null;
 
         buildTrees();
         return forward;
@@ -1341,6 +1351,15 @@
     @Jpf.Forward(name = "success", path = "href.jsp")
 })
     protected Forward goHref()        {
+        Forward success = new Forward("success");
+        clearExpand();                
+        return success;
+    }
+
+    @Jpf.Action(forwards = { 
+    @Jpf.Forward(name = "success", path = "encodeContent.jsp")
+})
+    protected Forward goEncodeContent()        {
         Forward success = new Forward("success");
         clearExpand();                
         return success;

Added: 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageOne.html
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageOne.html?view=auto&rev=125433
==============================================================================
--- (empty file)
+++ 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageOne.html    
    Mon Jan 17 11:04:32 2005
@@ -0,0 +1,7 @@
+<html>
+    <head>
+    </head>
+    <body>
+    <h4>Page One</h4>
+    </body>
+</html>
\ No newline at end of file

Added: 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageThree.html
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageThree.html?view=auto&rev=125433
==============================================================================
--- (empty file)
+++ 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageThree.html  
    Mon Jan 17 11:04:32 2005
@@ -0,0 +1,7 @@
+<html>
+    <head>
+    </head>
+    <body>
+    <h4>Page Three</h4>
+    </body>
+</html>
\ No newline at end of file

Added: 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageTwo.html
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageTwo.html?view=auto&rev=125433
==============================================================================
--- (empty file)
+++ 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/PageTwo.html    
    Mon Jan 17 11:04:32 2005
@@ -0,0 +1,7 @@
+<html>
+    <head>
+    </head>
+    <body>
+    <h4>Page Two</h4>
+    </body>
+</html>
\ No newline at end of file

Added: 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/encodeContent.jsp
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/encodeContent.jsp?view=auto&rev=125433
==============================================================================
--- (empty file)
+++ 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/encodeContent.jsp
   Mon Jan 17 11:04:32 2005
@@ -0,0 +1,66 @@
+<%@ page language="java" contentType="text/html;charset=UTF-8"%>
+<%@ taglib uri="beehive-netui-tags-html.tld" prefix="netui"%>
+<netui:html>
+    <head>
+        <title>encodeContent.jsp</title>
+        <link href="style.css" rel="stylesheet" type="text/css">
+        <netui:scriptHeader treeSupport='true'/>
+        <style type="text/css">
+        .alien {
+            position: absolute;
+            left: 170pt;
+        }
+        .leaf {
+            font-family: "new century schoolbook", serif ; 
+            font-size: 10pt;
+            color: #c90000;
+        }
+        .container {
+            font-family: "new century schoolbook", serif ; 
+            font-size: 12pt;
+            color: #990000;
+        }
+        </style>
+        <netui:base/>
+    </head>
+    <netui:body>
+        <h4 class="title"><netui:anchor action="begin" 
styleClass="homeAnchor">Home</netui:anchor>encodeContent.jsp 
[goEncodeContent.do] </h4>
+        <!-- Attribute Information -->
+        <div style='float:left;width:300px'>
+        <table cellpadding="2" cellspacing="0" border="1" width="300px">
+        <tr><th>Creation</th><td>Static</td></tr>
+        <tr><th>tree</th><td>{pageFlow.tree20}</td></tr>
+        <tr><th>action</th><td>postback</td></tr>
+        <tr><th>runAtClient</th><td>false</td></tr>
+        </table>
+        </div>
+        <!-- Postback information -->
+        <div style='float:right;width:250px;border:solid 1pt gray;margin:2 4;'>
+        <p style="font-weight:bold;text-align:center;margin: 
0;padding:0;">Tree Postback Information</p>
+        <table cellpadding='0' cellspacing='2' width="100%">
+        <tr><th style="text-align:right" 
width="100pt">Expand:</th><td><netui:content 
value="${pageFlow.expand}"/></td></tr>
+        <tr><th style="text-align:right" 
width="100pt">Selection:</th><td><netui:content 
value="${pageFlow.node}"/></td></tr>
+        </table>
+        </div>
+       Verify that both the content and label may be encoded for HTML during 
tree
+       processing.  In the tree node below both the label and content contains 
JavaScript
+       which will causes an alert in the browser if not encoded.
+        <hr style="clear:left">
+        <div class="content">
+        <netui:tree dataSource="pageFlow.tree20" selectionAction="postback" 
tagId="tree" escapeForHtml="true">
+            <netui:treeItem expanded="true">
+                <netui:treeLabel>JavaScript:
+               <script language="JavaScript" type="text/JavaScript">
+                 alert("Label Script");
+                </script>
+                </netui:treeLabel>
+                <netui:treeContent>Content with JavaScript:
+               <script language="JavaScript" type="text/JavaScript">
+                 alert("Content Script");
+                </script>
+               </netui:treeContent>
+            </netui:treeItem>
+        </netui:tree>
+        </div>
+    </netui:body>
+</netui:html>

Modified: 
incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/index.jsp
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/index.jsp?view=diff&rev=125433&p1=incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/index.jsp&r1=125432&p2=incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/index.jsp&r2=125433
==============================================================================
--- incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/index.jsp   
(original)
+++ incubator/beehive/trunk/netui/test/webapps/drt/coreWeb/richTree/index.jsp   
Mon Jan 17 11:04:32 2005
@@ -23,6 +23,7 @@
     <li><netui:anchor action="goOverride">Override tree 
attributes</netui:anchor> -- [tree17] Override tree attributes</li>
     <li><netui:anchor action="goOverrideTwo">Override tree attributes 
two</netui:anchor> -- [tree18] Override the whole tree actions from the 
root</li>
     <li><netui:anchor action="goHref">Verify Href</netui:anchor> -- [tree19] 
Verify that HRefs and target work</li>
+    <li><netui:anchor action="goEncodeContent">Encode Content</netui:anchor> 
-- [tree20] Verify that HRefs and target work</li>
     </ul>
     <h4>Client Side Support</h4>
     <ul>

Modified: 
incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/config/testRecorder-tests.xml
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/config/testRecorder-tests.xml?view=diff&rev=125433&p1=incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/config/testRecorder-tests.xml&r1=125432&p2=incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/config/testRecorder-tests.xml&r2=125433
==============================================================================
--- 
incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/config/testRecorder-tests.xml
   (original)
+++ 
incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/config/testRecorder-tests.xml
   Mon Jan 17 11:04:32 2005
@@ -5073,6 +5073,20 @@
          </features>
       </test>
       <test>
+         <name>RichTreeEncodeContent</name>
+         <description>Verification test of escaping for HTML content and 
label</description>
+         <webapp>coreWeb</webapp>
+         <categories>
+            <category>bvt</category>
+            <category>bvt.struts11</category>
+            <category>trees</category>
+         </categories>
+         <features>
+            <feature>Tree</feature>
+            <feature>escapeForHtml</feature>
+         </features>
+      </test>
+      <test>
          <name>RichTreeHref</name>
          <description>Test of the Href and Target attributes</description>
          <webapp>coreWeb</webapp>

Added: 
incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/tests/RichTreeEncodeContent.xml
Url: 
http://svn.apache.org/viewcvs/incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/tests/RichTreeEncodeContent.xml?view=auto&rev=125433
==============================================================================
--- (empty file)
+++ 
incubator/beehive/trunk/netui/test/webapps/drt/testRecorder/tests/RichTreeEncodeContent.xml
 Mon Jan 17 11:04:32 2005
@@ -0,0 +1,140 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ses:recorderSession 
xmlns:ses="http://beehive.apache.org/netui/tools/testrecorder/2004/session";>
+   <ses:sessionName>RichTreeEncodeContent</ses:sessionName>
+   <ses:tester>Daryl</ses:tester>
+   <ses:startDate>17 Jan 2005, 10:40:59.633 AM MST</ses:startDate>
+   <ses:description>Verify that we can escape for HTML labels and 
content</ses:description>
+   <ses:tests>
+      <ses:test>
+         <ses:testNumber>1</ses:testNumber>
+         <ses:request>
+            <ses:protocol>HTTP</ses:protocol>
+            <ses:protocolVersion>1.1</ses:protocolVersion>
+            <ses:host>localhost</ses:host>
+            <ses:port>8080</ses:port>
+            <ses:uri>/coreWeb/richTree/encodeContent.jsp</ses:uri>
+            <ses:method>GET</ses:method>
+            <ses:parameters/>
+            <ses:cookies>
+               <ses:cookie>
+                  <ses:name>JSESSIONID</ses:name>
+                  <ses:value>5421E1B7CC9FAEFF2B0A9A8F469AB805</ses:value>
+               </ses:cookie>
+            </ses:cookies>
+            <ses:headers>
+               <ses:header>
+                  <ses:name>accept</ses:name>
+                  
<ses:value>text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5</ses:value>
+               </ses:header>
+               <ses:header>
+                  <ses:name>accept-charset</ses:name>
+                  <ses:value>ISO-8859-1,utf-8;q=0.7,*;q=0.7</ses:value>
+               </ses:header>
+               <ses:header>
+                  <ses:name>accept-encoding</ses:name>
+                  <ses:value>gzip,deflate</ses:value>
+               </ses:header>
+               <ses:header>
+                  <ses:name>accept-language</ses:name>
+                  <ses:value>en-us,en;q=0.5</ses:value>
+               </ses:header>
+               <ses:header>
+                  <ses:name>connection</ses:name>
+                  <ses:value>keep-alive</ses:value>
+               </ses:header>
+               <ses:header>
+                  <ses:name>cookie</ses:name>
+                  
<ses:value>JSESSIONID=5421E1B7CC9FAEFF2B0A9A8F469AB805</ses:value>
+               </ses:header>
+               <ses:header>
+                  <ses:name>host</ses:name>
+                  <ses:value>localhost:8080</ses:value>
+               </ses:header>
+               <ses:header>
+                  <ses:name>keep-alive</ses:name>
+                  <ses:value>300</ses:value>
+               </ses:header>
+               <ses:header>
+                  <ses:name>user-agent</ses:name>
+                  <ses:value>Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; 
rv:1.7.5) Gecko/20041107 Firefox/1.0</ses:value>
+               </ses:header>
+            </ses:headers>
+         </ses:request>
+         <ses:response>
+            <ses:statusCode>200</ses:statusCode>
+            <ses:reason/>
+            <ses:responseBody><![CDATA[<!DOCTYPE HTML PUBLIC "//W3C//DTD HTML 
4.01 Transitional//EN"
+       "http://www.w3.org/TR/html4/loose.dtd";>
+<html lang="en">
+
+    <head>
+        <title>encodeContent.jsp</title>
+        <link href="style.css" rel="stylesheet" type="text/css">
+        
+       <script 
src="/coreWeb/resources/beehive/version1/javascript/netui-tree.js"></script>
+        <style type="text/css">
+        .alien {
+            position: absolute;
+            left: 170pt;
+        }
+        .leaf {
+            font-family: "new century schoolbook", serif ; 
+            font-size: 10pt;
+            color: #c90000;
+        }
+        .container {
+            font-family: "new century schoolbook", serif ; 
+            font-size: 12pt;
+            color: #990000;
+        }
+        </style>
+        <base href="http://localhost:8080/coreWeb/richTree/encodeContent.jsp";>
+    </head>
+    <body>
+        <h4 class="title"><a href="/coreWeb/richTree/begin.do" 
class="homeAnchor">Home</a>encodeContent.jsp [goEncodeContent.do] </h4>
+        <!-- Attribute Information -->
+        <div style='float:left;width:300px'>
+        <table cellpadding="2" cellspacing="0" border="1" width="300px">
+        <tr><th>Creation</th><td>Static</td></tr>
+        <tr><th>tree</th><td>{pageFlow.tree20}</td></tr>
+        <tr><th>action</th><td>postback</td></tr>
+        <tr><th>runAtClient</th><td>false</td></tr>
+        </table>
+        </div>
+        <!-- Postback information -->
+        <div style='float:right;width:250px;border:solid 1pt gray;margin:2 4;'>
+        <p style="font-weight:bold;text-align:center;margin: 
0;padding:0;">Tree Postback Information</p>
+        <table cellpadding='0' cellspacing='2' width="100%">
+        <tr><th style="text-align:right" 
width="100pt">Expand:</th><td>&nbsp;</td></tr>
+        <tr><th style="text-align:right" 
width="100pt">Selection:</th><td>&nbsp;</td></tr>
+        </table>
+        </div>
+       Verify that both the content and label may be encoded for HTML during 
tree
+       processing.  In the tree node below both the label and content contains 
JavaScript
+       which will causes an alert in the browser if not encoded.
+        <hr style="clear:left">
+        <div class="content">
+        <div>
+   <div>
+      <img src="/coreWeb/resources/images/linelastnode.gif" 
style="vertical-align:middle;" border="0" alt="">
+      <a 
href="/coreWeb/richTree/postback.do?netui_treeselected=0&netui_treeid=tree">&nbsp;<img
 src="/coreWeb/resources/images/folder_16_pad.gif" 
style="vertical-align:middle" border="0" alt="Tree Node">&nbsp;JavaScript:
+               &lt;script language=&quot;JavaScript&quot; 
type=&quot;text/JavaScript&quot;&gt;
+                 alert(&quot;Label Script&quot;);
+                &lt;/script&gt;&nbsp;</a>Content with JavaScript:
+               &lt;script language=&quot;JavaScript&quot; 
type=&quot;text/JavaScript&quot;&gt;
+                 alert(&quot;Content Script&quot;);
+                &lt;/script&gt;
+      
+   </div>
+</div>
+
+        </div>
+    </body>
+
+</html>]]></ses:responseBody>
+         </ses:response>
+      </ses:test>
+   </ses:tests>
+   <ses:endDate>17 Jan 2005, 10:41:08.896 AM MST</ses:endDate>
+   <ses:testCount>1</ses:testCount>
+</ses:recorderSession>
\ No newline at end of file

Reply via email to