-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/58657/
-----------------------------------------------------------
Review request for Ambari, Attila Doroszlai, Laszlo Puskas, Robert Levas, and
Sebastian Toader.
Bugs: AMBARI-20823
https://issues.apache.org/jira/browse/AMBARI-20823
Repository: ambari
Description
-------
Remove user input from invalid renderer error message to avoid potential XSS
attacks.
throw new IllegalArgumentException("Invalid renderer name: " + name + " for
resource of type: " + m_type);
should be removed and the error message changed to: "Invalid renderer name for
resource of type <resource type>"
Diffs
-----
ambari-server/src/main/java/org/apache/ambari/server/api/resources/BaseResourceDefinition.java
99bcd03
ambari-server/src/test/java/org/apache/ambari/server/api/resources/BaseResourceDefinitionTest.java
e076268
Diff: https://reviews.apache.org/r/58657/diff/1/
Testing
-------
modified existing unittest
existing tests: PENDING
Thanks,
Attila Magyar
