This is an automated email from the ASF dual-hosted git repository.
cziegeler pushed a commit to branch http-4.x
in repository https://gitbox.apache.org/repos/asf/felix-dev.git
The following commit(s) were added to refs/heads/http-4.x by this push:
new c1c7c91536 FELIX-6757 : Properly encode bundle information
c1c7c91536 is described below
commit c1c7c915360c4b9869c5822401afd2d82430ca34
Author: Carsten Ziegeler <[email protected]>
AuthorDate: Sun Mar 9 11:18:06 2025 +0100
FELIX-6757 : Properly encode bundle information
---
.../felix/webconsole/internal/core/BundlesServlet.java | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git
a/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/BundlesServlet.java
b/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/BundlesServlet.java
index 67b4bd1e1f..b073057770 100644
---
a/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/BundlesServlet.java
+++
b/webconsole/src/main/java/org/apache/felix/webconsole/internal/core/BundlesServlet.java
@@ -85,6 +85,7 @@ import org.osgi.service.packageadmin.ExportedPackage;
import org.osgi.service.packageadmin.PackageAdmin;
import org.osgi.util.tracker.ServiceTracker;
import org.osgi.util.tracker.ServiceTrackerCustomizer;
+import org.owasp.encoder.Encode;
/**
@@ -154,24 +155,24 @@ public class BundlesServlet extends
SimpleWebConsolePlugin implements OsgiManage
super.activate( bundleContext );
bundleInfoTracker = new ServiceTracker<>( bundleContext,
BundleInfoProvider.class, new
ServiceTrackerCustomizer<BundleInfoProvider,BundleInfoProvider>() {
-
+
@Override
public BundleInfoProvider
addingService(ServiceReference<BundleInfoProvider> reference) {
return bundleContext.getService(reference);
}
-
+
@Override
public void
modifiedService(ServiceReference<BundleInfoProvider> reference,
BundleInfoProvider service) {
// nothing to do
}
-
+
@Override
public void
removedService(ServiceReference<BundleInfoProvider> reference,
BundleInfoProvider service) {
try {
bundleContext.ungetService(reference);
} catch ( final IllegalStateException ise) {
// might happen on shutdown, ignore
- }
+ }
}
});
bundleInfoTracker.open();
@@ -759,10 +760,15 @@ public class BundlesServlet extends
SimpleWebConsolePlugin implements OsgiManage
{
final Map<String, Object> obj = new LinkedHashMap<String,
Object>();
obj.put("key", key);
- obj.put("value", val);
+ if ( val instanceof String ) {
+ obj.put("value", Encode.forJavaScript((String)val));
+ } else {
+ obj.put("value", val);
+ }
props.add(obj);
}
}
+
private final void bundleDetails( final Map<String, Object> result,
final Bundle bundle,
final String pluginRoot,
