Java Code Examples for org.owasp.encoder.Encode#forHtml()

The following examples show how to use org.owasp.encoder.Encode#forHtml().
Example 1
Source File: StartExecutionPipelineServletTest.java    From hop with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code startExecutionPipelineServlet.doGet} does not echo a hostile request parameter
 * unescaped inside the {@code H1} element of its response.
 *
 * <p>No pipeline is stubbed, so the servlet is presumably on its "not found" path (per the test name;
 * the servlet itself is not shown here).
 */
@Test
@PrepareForTest( { Encode.class } )
public void testStartExecutionPipelineServletEscapesHtmlWhenPipelineNotFound() throws ServletException, IOException {
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );
  when( request.getContextPath() ).thenReturn( StartExecutionPipelineServlet.CONTEXT_PATH );
  // Every parameter lookup yields the hostile test string.
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  startExecutionPipelineServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 2
Source File: PauseTransServletTest.java    From pentaho-kettle with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code pauseTransServlet.doGet} does not echo a hostile request parameter unescaped
 * inside the {@code H1} element of its response.
 *
 * <p>No transformation is stubbed, so the servlet is presumably on its "not found" path (per the
 * test name; the servlet itself is not shown here).
 */
@Test
@PrepareForTest( { Encode.class } )
public void testPauseTransServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );
  when( request.getContextPath() ).thenReturn( PauseTransServlet.CONTEXT_PATH );
  // Every parameter lookup yields the hostile test string.
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  pauseTransServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 3
Source File: SniffStepServletTest.java    From pentaho-kettle with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code sniffStepServlet.doGet} does not echo a hostile request parameter unescaped
 * inside the {@code H1} element of its response.
 *
 * <p>No transformation is stubbed, so the servlet is presumably on its "not found" path (per the
 * test name; the servlet itself is not shown here).
 */
@Test
@PrepareForTest( { Encode.class } )
public void testSniffStepServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );
  when( request.getContextPath() ).thenReturn( SniffStepServlet.CONTEXT_PATH );
  // Every parameter lookup yields the hostile test string.
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  sniffStepServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 4
Source File: RemoveTransServletTest.java    From pentaho-kettle with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code removeTransServlet.doGet} does not echo a hostile request parameter unescaped
 * inside the {@code H1} element of its response.
 *
 * <p>No transformation is stubbed, so the servlet is presumably on its "not found" path (per the
 * test name; the servlet itself is not shown here).
 */
@Test
@PrepareForTest( { Encode.class } )
public void testRemoveTransServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );
  when( request.getContextPath() ).thenReturn( RemoveTransServlet.CONTEXT_PATH );
  // Every parameter lookup yields the hostile test string.
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  removeTransServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 5
Source File: GetWorkflowStatusServletTest.java    From hop with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code getWorkflowStatusServlet.doGet} does not echo a hostile request parameter
 * unescaped inside the {@code H1} element of its response.
 *
 * <p>No workflow is stubbed, so the servlet is presumably on its "not found" path. NOTE(review): the
 * method name still says "JobStatus"/"Pipeline" although the servlet under test is the workflow
 * status servlet; it looks like a leftover from a rename.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testGetJobStatusServletEscapesHtmlWhenPipelineNotFound() throws ServletException, IOException {
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );
  when( request.getContextPath() ).thenReturn( GetWorkflowStatusServlet.CONTEXT_PATH );
  // Every parameter lookup yields the hostile test string.
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  getWorkflowStatusServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 6
Source File: PausePipelineServletTest.java    From hop with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code pausePipelineServlet.doGet} does not echo a hostile request parameter unescaped
 * inside the {@code H1} element of its response.
 *
 * <p>No pipeline is stubbed, so the servlet is presumably on its "not found" path (per the test name;
 * the servlet itself is not shown here).
 */
@Test
@PrepareForTest( { Encode.class } )
public void testPausePipelineServletEscapesHtmlWhenPipelineNotFound() throws ServletException, IOException {
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );
  when( request.getContextPath() ).thenReturn( PausePipelineServlet.CONTEXT_PATH );
  // Every parameter lookup yields the hostile test string.
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  pausePipelineServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 7
Source File: StartExecutionTransServletTest.java    From pentaho-kettle with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code startExecutionTransServlet.doGet} does not echo a hostile request parameter
 * unescaped inside the {@code H1} element of its response.
 *
 * <p>No transformation is stubbed, so the servlet is presumably on its "not found" path (per the
 * test name; the servlet itself is not shown here).
 */
@Test
@PrepareForTest( { Encode.class } )
public void testStartExecutionTransServletEscapesHtmlWhenTransNotFound() throws ServletException, IOException {
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );
  when( request.getContextPath() ).thenReturn( StartExecutionTransServlet.CONTEXT_PATH );
  // Every parameter lookup yields the hostile test string.
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  startExecutionTransServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 8
Source File: AuthenticationEndpointUtil.java    From carbon-identity-framework with Apache License 2.0 5 votes vote down vote up
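/**
 * Looks up the localized text for {@code key} and returns it HTML-encoded.
 *
 * <p>The bundle entry name is the Base64 encoding of the UTF-8 bytes of {@code key}, with "=" padding
 * replaced by "_". When the entry is blank, or the lookup fails for any reason, {@code key} itself is
 * used so the page still renders.
 *
 * <p>Both paths pass through {@code Encode.forHtml}, which targets HTML text content and quoted
 * attribute values. A caller that places the result in another context (script, URL, unquoted
 * attribute) needs the encoder for that context instead.
 *
 * @param resourceBundle bundle to read the entry from
 * @param key            text to localize; also the fallback value
 * @return the HTML-encoded bundle value, or the HTML-encoded {@code key} when no usable value exists
 */
public static String i18nBase64(ResourceBundle resourceBundle, String key) {
    // Runs outside the try block: a null key fails here instead of taking the fallback below.
    String base64Key = Base64.encode(key.getBytes(StandardCharsets.UTF_8)).replaceAll(PADDING_CHAR, UNDERSCORE);
    try {
        // Look the entry up once and reuse it for both the blank check and the result.
        String localized = resourceBundle.getString(base64Key);
        return Encode.forHtml(StringUtils.isNotBlank(localized) ? localized : key);
    } catch (Exception e) {
        // Intentionally catching Exception and if something goes wrong while finding the value for key, return
        // default, not to break the UI. The fallback is encoded too, so a caller-supplied key never
        // reaches the page raw.
        return Encode.forHtml(key);
    }
}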
 
Example 9
Source File: Utils.java    From BotLibre with Eclipse Public License 1.0 5 votes vote down vote up
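/**
 * Encodes a string for safe inclusion in HTML by delegating to {@code Encode.forHtml}.
 *
 * <p>This replaces an earlier hand-written version that rewrote only {@code <} and {@code >} and left
 * {@code &} and quote characters untouched. {@code Encode.forHtml} targets HTML text content and
 * quoted attribute values; it is not the right encoder for script, URL or unquoted-attribute contexts.
 *
 * <p>NOTE(review): the earlier version returned an empty string for {@code null}; this one passes
 * {@code null} straight to the encoder. Confirm callers are fine with the encoder's null handling.
 *
 * @param html the text to encode
 * @return the HTML-encoded text
 */
public static String escapeHTML(String html) {
	return Encode.forHtml(html);
}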
 
Example 10
Source File: PrepareExecutionTransServletTest.java    From pentaho-kettle with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that {@code prepareExecutionTransServlet.doGet} does not echo a hostile request parameter
 * unescaped inside the {@code H1} element when the transformation map returns a transformation.
 *
 * <p>NOTE(review): the method name says "PauseTrans" but the servlet exercised is
 * {@code prepareExecutionTransServlet}; this looks like a copy-paste name.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testPauseTransServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  Trans trans = mock( Trans.class );
  TransMeta transMeta = mock( TransMeta.class );
  TransConfiguration transConf = mock( TransConfiguration.class );
  TransExecutionConfiguration executionConf = mock( TransExecutionConfiguration.class );
  LogChannelInterface logChannel = mock( LogChannelInterface.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( PrepareExecutionTransServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked transformation and its configuration.
  when( mockTransformationMap.getTransformation( any( CarteObjectEntry.class ) ) ).thenReturn( trans );
  when( mockTransformationMap.getConfiguration( any( CarteObjectEntry.class ) ) ).thenReturn( transConf );
  when( transConf.getTransExecutionConfiguration() ).thenReturn( executionConf );
  when( trans.getLogChannel() ).thenReturn( logChannel );
  when( trans.getTransMeta() ).thenReturn( transMeta );
  when( transMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  prepareExecutionTransServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 11
Source File: StartPipelineServletTest.java    From hop with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that {@code startPipelineServlet.doGet} does not echo a hostile request parameter unescaped
 * inside the {@code H1} element when the pipeline map returns a pipeline.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testStartPipelineServletEscapesHtmlWhenPipelineFound() throws ServletException, IOException {
  HopLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  Pipeline pipeline = mock( Pipeline.class );
  PipelineMeta pipelineMeta = mock( PipelineMeta.class );
  ILogChannel logChannel = mock( ILogChannel.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( StartPipelineServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked pipeline.
  when( mockPipelineMap.getPipeline( any( HopServerObjectEntry.class ) ) ).thenReturn( pipeline );
  when( pipeline.getLogChannel() ).thenReturn( logChannel );
  when( pipeline.getLogChannelId() ).thenReturn( "test" );
  when( pipeline.getPipelineMeta() ).thenReturn( pipelineMeta );
  when( pipelineMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  startPipelineServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 12
Source File: RemoveJobServletTest.java    From pentaho-kettle with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that {@code removeJobServlet.doGet} does not echo hostile text unescaped inside the
 * {@code H3} element when the job map returns a job. Both the request parameters and the job's
 * log channel id carry the hostile test string.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testRemoveJobServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  Job job = mock( Job.class );
  JobMeta jobMeta = mock( JobMeta.class );
  LogChannelInterface logChannel = mock( LogChannelInterface.class );
  // NOTE(review): a setter call on a plain Mockito mock normally stores nothing, so this line
  // probably does not make the job name hostile; stubbing the name getter would. Confirm.
  job.setName( ServletTestUtils.BAD_STRING_TO_TEST );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( RemoveJobServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked job.
  when( mockJobMap.getJob( any( CarteObjectEntry.class ) ) ).thenReturn( job );
  when( job.getLogChannelId() ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( job.getLogChannel() ).thenReturn( logChannel );
  when( job.getJobMeta() ).thenReturn( jobMeta );
  when( jobMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  removeJobServlet.doGet( request, response );

  // Output check: only the H3 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H3", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 13
Source File: PausePipelineServletTest.java    From hop with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that {@code pausePipelineServlet.doGet} does not echo a hostile request parameter unescaped
 * inside the {@code H1} element when the pipeline map returns a pipeline.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testPausePipelineServletEscapesHtmlWhenPipelineFound() throws ServletException, IOException {
  HopLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  Pipeline pipeline = mock( Pipeline.class );
  PipelineMeta pipelineMeta = mock( PipelineMeta.class );
  ILogChannel logChannel = mock( ILogChannel.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( PausePipelineServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked pipeline.
  when( mockPipelineMap.getPipeline( any( HopServerObjectEntry.class ) ) ).thenReturn( pipeline );
  when( pipeline.getLogChannel() ).thenReturn( logChannel );
  when( pipeline.getPipelineMeta() ).thenReturn( pipelineMeta );
  when( pipelineMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  pausePipelineServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 14
Source File: StartExecutionTransServletTest.java    From pentaho-kettle with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that {@code startExecutionTransServlet.doGet} does not echo a hostile request parameter
 * unescaped inside the {@code H1} element when the transformation map returns a transformation
 * that reports itself ready to start.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testStartExecutionTransServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  Trans trans = mock( Trans.class );
  TransMeta transMeta = mock( TransMeta.class );
  LogChannelInterface logChannel = mock( LogChannelInterface.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( StartExecutionTransServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked transformation.
  when( mockTransformationMap.getTransformation( any( CarteObjectEntry.class ) ) ).thenReturn( trans );
  when( trans.getLogChannel() ).thenReturn( logChannel );
  when( trans.isReadyToStart() ).thenReturn( true );
  when( trans.getLogChannelId() ).thenReturn( "test" );
  when( trans.getTransMeta() ).thenReturn( transMeta );
  when( transMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  startExecutionTransServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 15
Source File: GetWorkflowStatusServletTest.java    From hop with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that the response of {@code getWorkflowStatusServlet.doGet} never contains the hostile test
 * string verbatim when the workflow map returns a workflow. Both the request parameters and the
 * workflow name carry that string.
 *
 * <p>NOTE(review): the method name still says "JobStatus"/"Pipeline" although the servlet under test
 * is the workflow status servlet; it looks like a leftover from a rename.
 */
@Test
@PrepareForTest( { Encode.class, Workflow.class } )
public void testGetJobStatusServletEscapesHtmlWhenPipelineFound() throws ServletException, IOException {
  HopLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  IWorkflowEngine<WorkflowMeta> workflow = PowerMockito.mock( Workflow.class );
  WorkflowMeta workflowMeta = mock( WorkflowMeta.class );
  ILogChannel logChannel = mock( ILogChannel.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( GetWorkflowStatusServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked workflow, whose name is hostile too.
  when( mockWorkflowMap.getWorkflow( any( HopServerObjectEntry.class ) ) ).thenReturn( workflow );
  PowerMockito.when( workflow.getWorkflowName() ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  PowerMockito.when( workflow.getLogChannel() ).thenReturn( logChannel );
  PowerMockito.when( workflow.getWorkflowMeta() ).thenReturn( workflowMeta );
  PowerMockito.when( workflowMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  getWorkflowStatusServlet.doGet( request, response );

  // Output check over the whole response: the raw string must not appear anywhere. This is an exact
  // match only; a partially altered but still unsafe rendering would not be caught by it.
  String page = responseBody.toString();
  assertFalse( page.contains( ServletTestUtils.BAD_STRING_TO_TEST ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 16
Source File: GetJobStatusServletTest.java    From pentaho-kettle with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that the response of {@code getJobStatusServlet.doGet} never contains the hostile test
 * string verbatim when the job map returns a job. Both the request parameters and the job name carry
 * that string.
 */
@Test
@PrepareForTest( { Encode.class, Job.class } )
public void testGetJobStatusServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  Job job = PowerMockito.mock( Job.class );
  JobMeta jobMeta = mock( JobMeta.class );
  LogChannelInterface logChannel = mock( LogChannelInterface.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( GetJobStatusServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked job, whose name is hostile too.
  when( mockJobMap.getJob( any( CarteObjectEntry.class ) ) ).thenReturn( job );
  PowerMockito.when( job.getJobname() ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  PowerMockito.when( job.getLogChannel() ).thenReturn( logChannel );
  PowerMockito.when( job.getJobMeta() ).thenReturn( jobMeta );
  PowerMockito.when( jobMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  getJobStatusServlet.doGet( request, response );

  // Output check over the whole response: the raw string must not appear anywhere. This is an exact
  // match only; a partially altered but still unsafe rendering would not be caught by it.
  String page = responseBody.toString();
  assertFalse( page.contains( ServletTestUtils.BAD_STRING_TO_TEST ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 17
Source File: AllocateServerSocketServletTest.java    From pentaho-kettle with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that {@code allocateServerSocketServlet.doGet} does not write hostile request parameters
 * unescaped into the dynamic part of its HTML body.
 *
 * <p>This servlet writes through {@code getOutputStream()}, so the response bytes are captured with
 * a small {@code ServletOutputStream} that forwards into a byte buffer.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testAllocateServerSocketServletEncodesParametersForHmtlResponse() throws ServletException,
  IOException {
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  SocketPortAllocation portAllocation = mock( SocketPortAllocation.class );
  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );
  final ByteArrayOutputStream captured = new ByteArrayOutputStream();
  ServletOutputStream capturingStream = new ServletOutputStream() {

    @Override
    public void write( int oneByte ) throws IOException {
      captured.write( oneByte );
    }
  };

  when( request.getContextPath() ).thenReturn( AllocateServerSocketServlet.CONTEXT_PATH );
  // Every parameter lookup yields the hostile test string.
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getOutputStream() ).thenReturn( capturingStream );
  when(
    mockTransformationMap.allocateServerSocketPort(
      anyInt(), anyString(), anyString(), anyString(), anyString(), anyString(), anyString(), anyString(),
      anyString(), anyString() ) ).thenReturn( portAllocation );
  allocateServerSocketServlet.doGet( request, response );

  // NOTE(review): toString() decodes with the platform default charset; confirm it matches the
  // charset the servlet writes with.
  String page = captured.toString();
  // Pull out dynamic part of body, remove hardcoded html.
  // NOTE(review): the same sequences would also be stripped if they came from a request parameter,
  // so this check is only as strong as what BAD_STRING_TO_TEST contains (not shown here).
  String body = ServletTestUtils.getInsideOfTag( "BODY", page );
  String withoutParagraphs = body.replaceAll( "<p>", "" );
  String withoutBreaks = withoutParagraphs.replaceAll( "<br>", "" );
  String withoutHeading = withoutBreaks.replaceAll( "<H1>.+</H1>", "" );
  String dynamicBody = withoutHeading.replaceAll( "--> port", "" );
  assertFalse( ServletTestUtils.hasBadText( dynamicBody ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 18
Source File: RemoveTransServletTest.java    From pentaho-kettle with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that {@code removeTransServlet.doGet} does not echo a hostile request parameter unescaped
 * inside the {@code H3} element when the transformation map returns a transformation.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testRemoveTransServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  Trans trans = mock( Trans.class );
  TransMeta transMeta = mock( TransMeta.class );
  LogChannelInterface logChannel = mock( LogChannelInterface.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( RemoveTransServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked transformation.
  when( mockTransformationMap.getTransformation( any( CarteObjectEntry.class ) ) ).thenReturn( trans );
  when( trans.getLogChannel() ).thenReturn( logChannel );
  when( trans.getLogChannelId() ).thenReturn( "test" );
  when( trans.getTransMeta() ).thenReturn( transMeta );
  when( transMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  removeTransServlet.doGet( request, response );

  // Output check: only the H3 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H3", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 19
Source File: PauseTransServletTest.java    From pentaho-kettle with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that {@code pauseTransServlet.doGet} does not echo a hostile request parameter unescaped
 * inside the {@code H1} element when the transformation map returns a transformation.
 */
@Test
@PrepareForTest( { Encode.class } )
public void testPauseTransServletEscapesHtmlWhenTransFound() throws ServletException, IOException {
  KettleLogStore.init();
  StringWriter responseBody = new StringWriter();
  HttpServletRequest request = mock( HttpServletRequest.class );
  HttpServletResponse response = mock( HttpServletResponse.class );
  Trans trans = mock( Trans.class );
  TransMeta transMeta = mock( TransMeta.class );
  LogChannelInterface logChannel = mock( LogChannelInterface.class );

  // Spy rather than mock, so the real encoder still runs while its static calls are recorded.
  PowerMockito.spy( Encode.class );

  // Request side: every parameter lookup yields the hostile test string.
  when( request.getContextPath() ).thenReturn( PauseTransServlet.CONTEXT_PATH );
  when( request.getParameter( anyString() ) ).thenReturn( ServletTestUtils.BAD_STRING_TO_TEST );
  when( response.getWriter() ).thenReturn( new PrintWriter( responseBody ) );

  // Server side: the map resolves any entry to the mocked transformation.
  when( mockTransformationMap.getTransformation( any( CarteObjectEntry.class ) ) ).thenReturn( trans );
  when( trans.getLogChannel() ).thenReturn( logChannel );
  when( trans.getTransMeta() ).thenReturn( transMeta );
  when( transMeta.getMaximum() ).thenReturn( new Point( 10, 10 ) );

  pauseTransServlet.doGet( request, response );

  // Output check: only the H1 content is inspected; the rest of the response is outside this test.
  String heading = ServletTestUtils.getInsideOfTag( "H1", responseBody.toString() );
  assertFalse( ServletTestUtils.hasBadText( heading ) );

  // Call check: shows Encode.forHtml ran at least once, not that every reflected value was encoded.
  PowerMockito.verifyStatic( atLeastOnce() );
  Encode.forHtml( anyString() );
}
 
Example 20
Source File: PathUtils.java    From document-management-system with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Sanitizes a node name: runs it through {@code cleanup} and then HTML-encodes the result.
 *
 * <p>NOTE(review): the value is HTML-encoded when the name is processed rather than when it is
 * rendered. If the returned name is stored and later encoded again by a view, it will be
 * double-encoded; if it is used in a non-HTML context, HTML encoding is not the right protection
 * there. Confirm how callers use the result.
 *
 * TODO Keep on sync with uploader:com.openkm.applet.Util.escape(String)
 * TODO Keep on sync with wsImporter:com.openkm.importer.Util.escape(String)
 *
 * @param name the raw node name
 * @return the cleaned and HTML-encoded name
 */
public static String escape(String name) {
	// Fix XSS issues: encode after cleanup so the encoder sees the final text.
	return Encode.forHtml(cleanup(name));
}