This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.scripting.sightly.compiler-1.0.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-scripting-sightly-compiler.git
commit 2a9aea4bf89f99ad0f4f334cf853fb3f1449ef5f Author: Radu Cotescu <[email protected]> AuthorDate: Fri Aug 19 13:33:14 2016 +0000 SLING-5944 - Sightly doesn't allow to overwrite the context for `data-sly-element` * skip applying elementContext if the expression is an XSS RuntimeCall already * updated TCK to 1.2.4 which provides a test for data-sly-element with context set to unsafe git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/scripting/sightly/compiler@1756915 13f79535-47bb-0310-9956-ffa450edef68 --- .../scripting/sightly/impl/plugin/ElementPlugin.java | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/src/main/java/org/apache/sling/scripting/sightly/impl/plugin/ElementPlugin.java b/src/main/java/org/apache/sling/scripting/sightly/impl/plugin/ElementPlugin.java index 422b48f..89de6a2 100644 --- a/src/main/java/org/apache/sling/scripting/sightly/impl/plugin/ElementPlugin.java +++ b/src/main/java/org/apache/sling/scripting/sightly/impl/plugin/ElementPlugin.java @@ -18,14 +18,16 @@ ******************************************************************************/ package org.apache.sling.scripting.sightly.impl.plugin; +import org.apache.sling.scripting.sightly.compiler.RuntimeFunction; import org.apache.sling.scripting.sightly.compiler.commands.Conditional; import org.apache.sling.scripting.sightly.compiler.commands.OutText; import org.apache.sling.scripting.sightly.compiler.commands.OutputVariable; import org.apache.sling.scripting.sightly.compiler.commands.VariableBinding; -import org.apache.sling.scripting.sightly.compiler.expression.MarkupContext; -import org.apache.sling.scripting.sightly.impl.compiler.PushStream; import org.apache.sling.scripting.sightly.compiler.expression.Expression; import org.apache.sling.scripting.sightly.compiler.expression.ExpressionNode; +import org.apache.sling.scripting.sightly.compiler.expression.MarkupContext; +import org.apache.sling.scripting.sightly.compiler.expression.nodes.RuntimeCall; +import org.apache.sling.scripting.sightly.impl.compiler.PushStream; import org.apache.sling.scripting.sightly.impl.compiler.frontend.CompilerContext; import org.apache.sling.scripting.sightly.impl.filter.ExpressionContext; @@ -40,7 +42,7 @@ public class ElementPlugin extends AbstractPlugin { return new DefaultPluginInvoke() { - private final ExpressionNode node = compilerContext.adjustToContext(expression, MarkupContext.ELEMENT_NAME, ExpressionContext + private final ExpressionNode node = adjustContext(compilerContext, expression, MarkupContext.ELEMENT_NAME, ExpressionContext .ELEMENT).getRoot(); private String tagVar = compilerContext.generateVariable("tagVar"); @@ -87,4 +89,16 @@ public class ElementPlugin extends AbstractPlugin { }; } + + private Expression adjustContext(CompilerContext compilerContext, Expression expression, MarkupContext markupContext, + ExpressionContext expressionContext) { + ExpressionNode root = expression.getRoot(); + if (root instanceof RuntimeCall) { + RuntimeCall runtimeCall = (RuntimeCall) root; + if (runtimeCall.getFunctionName().equals(RuntimeFunction.XSS)) { + return expression; + } + } + return compilerContext.adjustToContext(expression, markupContext, expressionContext); + } } -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
