Author: markt Date: Wed Oct 18 10:40:01 2017 New Revision: 1812490 URL: http://svn.apache.org/viewvc?rev=1812490&view=rev Log: Remove deprecated code
Modified: tomcat/trunk/java/org/apache/catalina/manager/StatusTransformer.java tomcat/trunk/java/org/apache/catalina/storeconfig/StoreAppender.java tomcat/trunk/java/org/apache/catalina/util/RequestUtil.java tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java tomcat/trunk/java/org/apache/jasper/security/SecurityUtil.java Modified: tomcat/trunk/java/org/apache/catalina/manager/StatusTransformer.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/manager/StatusTransformer.java?rev=1812490&r1=1812489&r2=1812490&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/catalina/manager/StatusTransformer.java (original) +++ tomcat/trunk/java/org/apache/catalina/manager/StatusTransformer.java Wed Oct 18 10:40:01 2017 @@ -908,81 +908,6 @@ public class StatusTransformer { /** - * Filter the specified message string for characters that are sensitive - * in HTML. This avoids potential attacks caused by including JavaScript - * codes in the request URL that is often reported in error messages. - * - * @param obj The message string to be filtered - * @return filtered HTML content - * - * @deprecated This method will be removed in Tomcat 9 - */ - @Deprecated - public static String filter(Object obj) { - - if (obj == null) - return "?"; - String message = obj.toString(); - - char content[] = new char[message.length()]; - message.getChars(0, message.length(), content, 0); - StringBuilder result = new StringBuilder(content.length + 50); - for (int i = 0; i < content.length; i++) { - switch (content[i]) { - case '<': - result.append("<"); - break; - case '>': - result.append(">"); - break; - case '&': - result.append("&"); - break; - case '"': - result.append("""); - break; - default: - result.append(content[i]); - } - } - return result.toString(); - - } - - - /** - * Escape the 5 entities defined by XML. - * @param s The message string to be filtered - * @return filtered XML content - * - * @deprecated This method will be removed in Tomcat 9 - */ - @Deprecated - public static String filterXml(String s) { - if (s == null) - return ""; - StringBuilder sb = new StringBuilder(); - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - if (c == '<') { - sb.append("<"); - } else if (c == '>') { - sb.append(">"); - } else if (c == '\'') { - sb.append("'"); - } else if (c == '&') { - sb.append("&"); - } else if (c == '"') { - sb.append("""); - } else { - sb.append(c); - } - } - return sb.toString(); - } - - - /** * Display the given size in bytes, either as KB or MB. * * @param obj The object to format Modified: tomcat/trunk/java/org/apache/catalina/storeconfig/StoreAppender.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/storeconfig/StoreAppender.java?rev=1812490&r1=1812489&r2=1812490&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/catalina/storeconfig/StoreAppender.java (original) +++ tomcat/trunk/java/org/apache/catalina/storeconfig/StoreAppender.java Wed Oct 18 10:40:01 2017 @@ -356,36 +356,6 @@ public class StoreAppender { writer.print("\""); } - /** - * Given a string, this method replaces all occurrences of '<', '>', - * '&', and '"'. - * @param input The string to escape - * @return the escaped string - * @deprecated This method will be removed in Tomcat 9 - */ - @Deprecated - public String convertStr(String input) { - - StringBuffer filtered = new StringBuffer(input.length()); - char c; - for (int i = 0; i < input.length(); i++) { - c = input.charAt(i); - if (c == '<') { - filtered.append("<"); - } else if (c == '>') { - filtered.append(">"); - } else if (c == '\'') { - filtered.append("'"); - } else if (c == '"') { - filtered.append("""); - } else if (c == '&') { - filtered.append("&"); - } else { - filtered.append(c); - } - } - return filtered.toString(); - } /** * Is the specified property type one for which we should generate a Modified: tomcat/trunk/java/org/apache/catalina/util/RequestUtil.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/util/RequestUtil.java?rev=1812490&r1=1812489&r2=1812490&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/catalina/util/RequestUtil.java (original) +++ tomcat/trunk/java/org/apache/catalina/util/RequestUtil.java Wed Oct 18 10:40:01 2017 @@ -27,49 +27,6 @@ import javax.servlet.http.HttpServletReq public final class RequestUtil { /** - * Filter the specified message string for characters that are sensitive - * in HTML. This avoids potential attacks caused by including JavaScript - * codes in the request URL that is often reported in error messages. - * - * @param message The message string to be filtered - * - * @return the filtered message - * - * @deprecated This method will be removed in Tomcat 9 - */ - @Deprecated - public static String filter(String message) { - - if (message == null) { - return null; - } - - char content[] = new char[message.length()]; - message.getChars(0, message.length(), content, 0); - StringBuilder result = new StringBuilder(content.length + 50); - for (int i = 0; i < content.length; i++) { - switch (content[i]) { - case '<': - result.append("<"); - break; - case '>': - result.append(">"); - break; - case '&': - result.append("&"); - break; - case '"': - result.append("""); - break; - default: - result.append(content[i]); - } - } - return result.toString(); - } - - - /** * Build an appropriate return value for * {@link HttpServletRequest#getRequestURL()} based on the provided * request object. Note that this will also work for instances of Modified: tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java?rev=1812490&r1=1812489&r2=1812490&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java (original) +++ tomcat/trunk/java/org/apache/jasper/compiler/JspUtil.java Wed Oct 18 10:40:01 2017 @@ -215,37 +215,6 @@ public class JspUtil { // XXX *could* move EL-syntax validation here... (sb) } - /** - * Escape the 5 entities defined by XML. - * @param s String to escape - * @return XML escaped string - * @deprecated This method will be removed in Tomcat 9 - */ - @Deprecated - public static String escapeXml(String s) { - if (s == null) { - return null; - } - StringBuilder sb = new StringBuilder(); - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - if (c == '<') { - sb.append("<"); - } else if (c == '>') { - sb.append(">"); - } else if (c == '\'') { - sb.append("'"); - } else if (c == '&') { - sb.append("&"); - } else if (c == '"') { - sb.append("""); - } else { - sb.append(c); - } - } - return sb.toString(); - } - public static class ValidAttribute { private final String name; Modified: tomcat/trunk/java/org/apache/jasper/security/SecurityUtil.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/jasper/security/SecurityUtil.java?rev=1812490&r1=1812489&r2=1812490&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/jasper/security/SecurityUtil.java (original) +++ tomcat/trunk/java/org/apache/jasper/security/SecurityUtil.java Wed Oct 18 10:40:01 2017 @@ -38,46 +38,4 @@ public final class SecurityUtil{ } return false; } - - - /** - * Filter the specified message string for characters that are sensitive - * in HTML. This avoids potential attacks caused by including JavaScript - * codes in the request URL that is often reported in error messages. - * - * @param message The message string to be filtered - * @return the HTML filtered message - * - * @deprecated This method will be removed in Tomcat 9 - */ - @Deprecated - public static String filter(String message) { - - if (message == null) - return null; - - char content[] = new char[message.length()]; - message.getChars(0, message.length(), content, 0); - StringBuilder result = new StringBuilder(content.length + 50); - for (int i = 0; i < content.length; i++) { - switch (content[i]) { - case '<': - result.append("<"); - break; - case '>': - result.append(">"); - break; - case '&': - result.append("&"); - break; - case '"': - result.append("""); - break; - default: - result.append(content[i]); - } - } - return result.toString(); - - } } --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org