usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mdun...@apache.org
Subject usergrid git commit: html encoding fixes [Forced Update!]
Date Fri, 28 Jul 2017 18:27:38 GMT
Repository: usergrid
Updated Branches:
  refs/heads/hotfix-20170728 b3bf7ed0d -> 42d756b33 (forced update)


html encoding fixes


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/42d756b3
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/42d756b3
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/42d756b3

Branch: refs/heads/hotfix-20170728
Commit: 42d756b33654f07518c0263f18faf3a35f3ede80
Parents: 436cb80
Author: Mike Dunker <mdunker@google.com>
Authored: Fri Jul 28 11:27:10 2017 -0700
Committer: Mike Dunker <mdunker@google.com>
Committed: Fri Jul 28 11:27:10 2017 -0700

----------------------------------------------------------------------
 .../ApplicationResource/authorize_form.jsp            | 14 +++++++-------
 .../rest/applications/ApplicationResource/error.jsp   |  4 ++--
 .../rest/applications/users/UserResource/activate.jsp |  4 ++--
 .../rest/applications/users/UserResource/confirm.jsp  |  4 ++--
 .../rest/applications/users/UserResource/error.jsp    |  4 ++--
 .../users/UserResource/resetpw_email_form.jsp         | 10 +++++-----
 .../users/UserResource/resetpw_email_success.jsp      |  4 ++--
 .../users/UserResource/resetpw_set_form.jsp           |  8 ++++----
 .../users/UserResource/resetpw_set_success.jsp        |  4 ++--
 .../rest/applications/users/UsersResource/error.jsp   |  4 ++--
 .../users/UsersResource/resetpw_email_form.jsp        |  8 ++++----
 .../users/UsersResource/resetpw_email_success.jsp     |  4 ++--
 .../management/ManagementResource/authorize_form.jsp  | 14 +++++++-------
 .../rest/management/ManagementResource/error.jsp      |  4 ++--
 .../organizations/OrganizationResource/activate.jsp   |  4 ++--
 .../organizations/OrganizationResource/confirm.jsp    |  4 ++--
 .../organizations/OrganizationResource/error.jsp      |  4 ++--
 .../rest/management/users/UserResource/activate.jsp   |  4 ++--
 .../rest/management/users/UserResource/confirm.jsp    |  4 ++--
 .../rest/management/users/UserResource/error.jsp      |  4 ++--
 .../users/UserResource/resetpw_email_form.jsp         |  8 ++++----
 .../users/UserResource/resetpw_email_success.jsp      |  4 ++--
 .../users/UserResource/resetpw_set_form.jsp           |  8 ++++----
 .../users/UserResource/resetpw_set_success.jsp        |  4 ++--
 .../rest/management/users/UsersResource/error.jsp     |  4 ++--
 .../users/UsersResource/resetpw_email_form.jsp        |  6 +++---
 .../users/UsersResource/resetpw_email_success.jsp     |  4 ++--
 27 files changed, 76 insertions(+), 76 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/authorize_form.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/authorize_form.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/authorize_form.jsp
index 6b1b8b2..1ee5e31 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/authorize_form.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/authorize_form.jsp
@@ -28,13 +28,13 @@ limitations under the License.
 <body>
 
 	<div class="dialog-area">
-		<c:if test="${!empty it.errorMsg}"><div class="dialog-form-message">${it.errorMsg}</div></c:if>
+		<c:if test="${!empty fn:escapeXml(it.errorMsg)}"><div class="dialog-form-message">${fn:escapeXml(it.errorMsg)}</div></c:if>
 		<form class="dialog-form" action="" method="post">
-			<input type="hidden" name="response_type" value="${it.responseType}">
-			<input type="hidden" name="client_id" value="${it.clientId}">
-			<input type="hidden" name="redirect_uri" value="${it.redirectUri}">
-			<input type="hidden" name="scope" value="${it.scope}">
-			<input type="hidden" name="state" value="${it.state}">
+			<input type="hidden" name="response_type" value="${fn:escapeXml(it.responseType)}">
+			<input type="hidden" name="client_id" value="${fn:escapeXml(it.clientId)}">
+			<input type="hidden" name="redirect_uri" value="${fn:escapeXml(it.redirectUri)}">
+			<input type="hidden" name="scope" value="${fn:escapeXml(it.scope)}">
+			<input type="hidden" name="state" value="${fn:escapeXml(it.state)}">
 			<fieldset>
 				<p>
 					<label for="username">Username</label>
@@ -56,4 +56,4 @@ limitations under the License.
 	</div>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/error.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/error.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/error.jsp
index be184b1..d02ad40 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/error.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/ApplicationResource/error.jsp
@@ -27,7 +27,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>An error occurred <c:out value="${it}"/>.</p>
+	<p>An error occurred <c:out value="${it}" escapeXml="true"/>.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/activate.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/activate.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/activate.jsp
index dfcf3b7..20e69b8 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/activate.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/activate.jsp
@@ -26,7 +26,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Your account with email address <c:out value="${it.user.email}"/> has been
successfully activated.</p>
+	<p>Your account with email address <c:out value="${it.user.email}" escapeXml="true"/>
has been successfully activated.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/confirm.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/confirm.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/confirm.jsp
index 02e9ee3..d7f3acc 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/confirm.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/confirm.jsp
@@ -26,8 +26,8 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Your account with email address <c:out value="${it.user.email}"/> has been
successfully confirmed.
+	<p>Your account with email address <c:out value="${it.user.email}" escapeXml="true"/>
has been successfully confirmed.
 	You will received an email soon to let you know when you account has been activated</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/error.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/error.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/error.jsp
index be184b1..d02ad40 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/error.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/error.jsp
@@ -27,7 +27,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>An error occurred <c:out value="${it}"/>.</p>
+	<p>An error occurred <c:out value="${it}" escapeXml="true"/>.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_form.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_form.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_form.jsp
index 0f53bfc..9d920e5 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_form.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_form.jsp
@@ -26,17 +26,17 @@ limitations under the License.
 </head>
 <body>
 	<div class="dialog-area">
-		<c:if test="${!empty it.errorMsg}">
-			<div class="dialog-form-message">${it.errorMsg}</div>
+		<c:if test="${!empty fn:escapeXml(it.errorMsg)}">
+			<div class="dialog-form-message">${fn:escapeXml(it.errorMsg)}</div>
 		</c:if>
 		<form class="dialog-form" action="" method="post">
 			<fieldset>
 				<p>
 					Enter the captcha to have your password reset instructions sent to
-					<c:out value="${it.user.email}" />
+					<c:out value="${it.user.email}" escapeXml="true" />
 				</p>
 				<p id="human-proof"></p>
-				${it.reCaptchaHtml}
+				${fn:escapeXml(it.reCaptchaHtml)}
 				<p class="buttons">
 					<input type="submit" value="submit" />
 				</p>
@@ -44,4 +44,4 @@ limitations under the License.
 		</form>
 	</div>
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_success.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_success.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_success.jsp
index 23f8508..41c5176 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_success.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_email_success.jsp
@@ -29,7 +29,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Email with instructions for password reset sent to <c:out value="${it.user.email}"/></p>
+	<p>Email with instructions for password reset sent to <c:out value="${it.user.email}"
escapeXml="true"/></p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_form.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_form.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_form.jsp
index a83d80d..60384c4 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_form.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_form.jsp
@@ -30,12 +30,12 @@ limitations under the License.
 <body>
 
 	<div class="dialog-area">
-		<c:if test="${!empty it.errorMsg}"><div class="dialog-form-message">${it.errorMsg}</div></c:if>
+		<c:if test="${!empty fn:escapeXml(it.errorMsg)}"><div class="dialog-form-message">${fn:escapeXml(it.errorMsg)}</div></c:if>
 		<form class="dialog-form" action="" method="post">
-			<input type="hidden" name="token" value="${it.token}">
+			<input type="hidden" name="token" value="${fn:escapeXml(it.token)}">
 			<fieldset>
 				<p>
-					<label for="password1">Please enter your new password for <c:out value="${it.user.email}"/>.</label>
+					<label for="password1">Please enter your new password for <c:out value="${it.user.email}"
escapeXml="true"/>.</label>
 				</p>
 				<p>
 					<input class="text_field" id="password1" name="password1" type="password" />
@@ -54,4 +54,4 @@ limitations under the License.
 	</div>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_success.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_success.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_success.jsp
index 9de90ba..3915084 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_success.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UserResource/resetpw_set_success.jsp
@@ -29,7 +29,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>New password set for <c:out value="${it.user.email}"/></p>
+	<p>New password set for <c:out value="${it.user.email}" escapeXml="true"/></p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/error.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/error.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/error.jsp
index be184b1..d02ad40 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/error.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/error.jsp
@@ -27,7 +27,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>An error occurred <c:out value="${it}"/>.</p>
+	<p>An error occurred <c:out value="${it}" escapeXml="true"/>.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_form.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_form.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_form.jsp
index 3211a3a..d60eae6 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_form.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_form.jsp
@@ -27,8 +27,8 @@ limitations under the License.
 <body>
 
 	<div class="dialog-area">
-		<c:if test="${!empty it.errorMsg}">
-			<div class="dialog-form-message">${it.errorMsg}</div>
+		<c:if test="${!empty fn:escapeXml(it.errorMsg)}">
+			<div class="dialog-form-message">${fn:escapeXml(it.errorMsg)}</div>
 		</c:if>
 		<form class="dialog-form" action="" method="post">
 			<fieldset>
@@ -41,7 +41,7 @@ limitations under the License.
 					<input class="text_field" id="email" name="email" type="text" />
 				</p>
 				<p id="human-proof"></p>
-				${it.reCaptchaHtml}
+				${fn:escapeXml(it.reCaptchaHtml)}
 				<p class="buttons">
 					<button type="submit">Submit</button>
 				</p>
@@ -50,4 +50,4 @@ limitations under the License.
 	</div>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_success.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_success.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_success.jsp
index 23f8508..41c5176 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_success.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/applications/users/UsersResource/resetpw_email_success.jsp
@@ -29,7 +29,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Email with instructions for password reset sent to <c:out value="${it.user.email}"/></p>
+	<p>Email with instructions for password reset sent to <c:out value="${it.user.email}"
escapeXml="true"/></p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/authorize_form.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/authorize_form.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/authorize_form.jsp
index 6b1b8b2..1ee5e31 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/authorize_form.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/authorize_form.jsp
@@ -28,13 +28,13 @@ limitations under the License.
 <body>
 
 	<div class="dialog-area">
-		<c:if test="${!empty it.errorMsg}"><div class="dialog-form-message">${it.errorMsg}</div></c:if>
+		<c:if test="${!empty fn:escapeXml(it.errorMsg)}"><div class="dialog-form-message">${fn:escapeXml(it.errorMsg)}</div></c:if>
 		<form class="dialog-form" action="" method="post">
-			<input type="hidden" name="response_type" value="${it.responseType}">
-			<input type="hidden" name="client_id" value="${it.clientId}">
-			<input type="hidden" name="redirect_uri" value="${it.redirectUri}">
-			<input type="hidden" name="scope" value="${it.scope}">
-			<input type="hidden" name="state" value="${it.state}">
+			<input type="hidden" name="response_type" value="${fn:escapeXml(it.responseType)}">
+			<input type="hidden" name="client_id" value="${fn:escapeXml(it.clientId)}">
+			<input type="hidden" name="redirect_uri" value="${fn:escapeXml(it.redirectUri)}">
+			<input type="hidden" name="scope" value="${fn:escapeXml(it.scope)}">
+			<input type="hidden" name="state" value="${fn:escapeXml(it.state)}">
 			<fieldset>
 				<p>
 					<label for="username">Username</label>
@@ -56,4 +56,4 @@ limitations under the License.
 	</div>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/error.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/error.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/error.jsp
index be184b1..d02ad40 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/error.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/ManagementResource/error.jsp
@@ -27,7 +27,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>An error occurred <c:out value="${it}"/>.</p>
+	<p>An error occurred <c:out value="${it}" escapeXml="true"/>.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/activate.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/activate.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/activate.jsp
index 85114cd..f5fa14d 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/activate.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/activate.jsp
@@ -26,7 +26,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Your organization <c:out value="${it.organization.name}"/> has been successfully
activated.</p>
+	<p>Your organization <c:out value="${it.organization.name}" escapeXml="true"/>
has been successfully activated.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/confirm.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/confirm.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/confirm.jsp
index f4307b7..5fb41c7 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/confirm.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/confirm.jsp
@@ -26,8 +26,8 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Your organization <c:out value="${it.organization.name}"/> has been successfully
confirmed.
+	<p>Your organization <c:out value="${it.organization.name}" escapeXml="true"/>
has been successfully confirmed.
 	You will received an email soon to let you know when you organization has been activated</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/error.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/error.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/error.jsp
index be184b1..d02ad40 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/error.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/organizations/OrganizationResource/error.jsp
@@ -27,7 +27,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>An error occurred <c:out value="${it}"/>.</p>
+	<p>An error occurred <c:out value="${it}" escapeXml="true"/>.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/activate.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/activate.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/activate.jsp
index dfcf3b7..20e69b8 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/activate.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/activate.jsp
@@ -26,7 +26,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Your account with email address <c:out value="${it.user.email}"/> has been
successfully activated.</p>
+	<p>Your account with email address <c:out value="${it.user.email}" escapeXml="true"/>
has been successfully activated.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/confirm.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/confirm.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/confirm.jsp
index 02e9ee3..d7f3acc 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/confirm.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/confirm.jsp
@@ -26,8 +26,8 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Your account with email address <c:out value="${it.user.email}"/> has been
successfully confirmed.
+	<p>Your account with email address <c:out value="${it.user.email}" escapeXml="true"/>
has been successfully confirmed.
 	You will received an email soon to let you know when you account has been activated</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/error.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/error.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/error.jsp
index be184b1..d02ad40 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/error.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/error.jsp
@@ -27,7 +27,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>An error occurred <c:out value="${it}"/>.</p>
+	<p>An error occurred <c:out value="${it}" escapeXml="true"/>.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_form.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_form.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_form.jsp
index 3e56cd1..6b0b48f 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_form.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_form.jsp
@@ -26,17 +26,17 @@ limitations under the License.
 </head>
 <body>
 	<div class="dialog-area password-reset-form">
-		<c:if test="${!empty it.errorMsg}">
-			<div class="dialog-form-message">${it.errorMsg}</div>
+		<c:if test="${!empty fn:escapeXml(it.errorMsg)}">
+			<div class="dialog-form-message">${fn:escapeXml(it.errorMsg)}</div>
 		</c:if>
 		<form class="dialog-form" action="" method="post">
 			<fieldset>
 				<p>
 					Enter the captcha to have your password reset instructions sent to
-					<c:out value="${it.user.email}" />
+					<c:out value="${it.user.email}" escapeXml="true" />
 				</p>
 				<p id="human-proof"></p>
-				${it.reCaptchaHtml}
+				${fn:escapeXml(it.reCaptchaHtml)}
 				<p class="buttons">
 					<input type="submit" value="submit" />
 				</p>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_success.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_success.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_success.jsp
index 23f8508..41c5176 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_success.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_email_success.jsp
@@ -29,7 +29,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Email with instructions for password reset sent to <c:out value="${it.user.email}"/></p>
+	<p>Email with instructions for password reset sent to <c:out value="${it.user.email}"
escapeXml="true"/></p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_form.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_form.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_form.jsp
index a83d80d..60384c4 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_form.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_form.jsp
@@ -30,12 +30,12 @@ limitations under the License.
 <body>
 
 	<div class="dialog-area">
-		<c:if test="${!empty it.errorMsg}"><div class="dialog-form-message">${it.errorMsg}</div></c:if>
+		<c:if test="${!empty fn:escapeXml(it.errorMsg)}"><div class="dialog-form-message">${fn:escapeXml(it.errorMsg)}</div></c:if>
 		<form class="dialog-form" action="" method="post">
-			<input type="hidden" name="token" value="${it.token}">
+			<input type="hidden" name="token" value="${fn:escapeXml(it.token)}">
 			<fieldset>
 				<p>
-					<label for="password1">Please enter your new password for <c:out value="${it.user.email}"/>.</label>
+					<label for="password1">Please enter your new password for <c:out value="${it.user.email}"
escapeXml="true"/>.</label>
 				</p>
 				<p>
 					<input class="text_field" id="password1" name="password1" type="password" />
@@ -54,4 +54,4 @@ limitations under the License.
 	</div>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_success.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_success.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_success.jsp
index 9de90ba..3915084 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_success.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UserResource/resetpw_set_success.jsp
@@ -29,7 +29,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>New password set for <c:out value="${it.user.email}"/></p>
+	<p>New password set for <c:out value="${it.user.email}" escapeXml="true"/></p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/error.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/error.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/error.jsp
index be184b1..d02ad40 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/error.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/error.jsp
@@ -27,7 +27,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>An error occurred <c:out value="${it}"/>.</p>
+	<p>An error occurred <c:out value="${it}" escapeXml="true"/>.</p>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_form.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_form.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_form.jsp
index 8643016..8b15cd4 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_form.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_form.jsp
@@ -27,7 +27,7 @@ limitations under the License.
 <body>
 
 	<div class="dialog-area">
-		<c:if test="${!empty it.errorMsg}"><div class="dialog-form-message">${it.errorMsg}</div></c:if>
+		<c:if test="${!empty fn:escnapeXml(it.errorMsg)}"><div class="dialog-form-message">${fn:escapeXml(it.errorMsg)}</div></c:if>
 		<form class="dialog-form" action="" method="post">
 			<fieldset>
 				<p>
@@ -38,7 +38,7 @@ limitations under the License.
 					<input class="text_field" id="email" name="email" type="text" />
 				</p>
 				<p id="human-proof"></p>
-				${it.reCaptchaHtml}
+				${fn:escapeXml(it.reCaptchaHtml)}
 				<p class="buttons">
 					<button type="submit">Submit</button>
 				</p>
@@ -47,4 +47,4 @@ limitations under the License.
 	</div>
 
 </body>
-</html>
\ No newline at end of file
+</html>

http://git-wip-us.apache.org/repos/asf/usergrid/blob/42d756b3/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_success.jsp
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_success.jsp
b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_success.jsp
index 23f8508..41c5176 100644
--- a/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_success.jsp
+++ b/stack/rest/src/main/webapp/WEB-INF/jsp/org/apache/usergrid/rest/management/users/UsersResource/resetpw_email_success.jsp
@@ -29,7 +29,7 @@ limitations under the License.
 </head>
 <body>
 
-	<p>Email with instructions for password reset sent to <c:out value="${it.user.email}"/></p>
+	<p>Email with instructions for password reset sent to <c:out value="${it.user.email}"
escapeXml="true"/></p>
 
 </body>
-</html>
\ No newline at end of file
+</html>


Mime
View raw message