----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/58657/#review172761 -----------------------------------------------------------
Ship it! Ship It! - Sebastian Toader On April 24, 2017, 9:59 a.m., Attila Magyar wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/58657/ > ----------------------------------------------------------- > > (Updated April 24, 2017, 9:59 a.m.) > > > Review request for Ambari, Attila Doroszlai, Laszlo Puskas, Robert Levas, and > Sebastian Toader. > > > Bugs: AMBARI-20823 > https://issues.apache.org/jira/browse/AMBARI-20823 > > > Repository: ambari > > > Description > ------- > > Remove user input from invalid renderer error message to avoid potential XSS > attacks. > > throw new IllegalArgumentException("Invalid renderer name: " + name + " for > resource of type: " + m_type); > should be removed and the error message changed to: "Invalid renderer name > for resource of type <resource type>" > > > Diffs > ----- > > > ambari-server/src/main/java/org/apache/ambari/server/api/resources/BaseResourceDefinition.java > 99bcd03 > > ambari-server/src/test/java/org/apache/ambari/server/api/resources/BaseResourceDefinitionTest.java > e076268 > > > Diff: https://reviews.apache.org/r/58657/diff/1/ > > > Testing > ------- > > modified existing unittest > > existing tests: passed > > > Thanks, > > Attila Magyar > >