commit d88a69b1626d1ac298d2f7fb1c2d2807223c2f9a Author: Karsten Loesing <karsten.loesing@gmx.net> Date: Mon Mar 5 10:20:44 2012 +0100 Escape "s in AS names and other fields. --- build.xml | 1 + src/org/torproject/onionoo/DetailDataWriter.java | 29 +++++++++++++++------- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/build.xml b/build.xml index 995fa2f..652a49b 100644 --- a/build.xml +++ b/build.xml @@ -11,6 +11,7 @@ <path id="classpath"> <pathelement path="${classes}"/> <pathelement location="lib/commons-codec-1.4.jar"/> + <pathelement location="lib/commons-lang-2.5.jar"/> <pathelement location="lib/servlet-api.jar"/> <pathelement location="lib/descriptor.jar"/> <pathelement location="lib/maxmindgeoip.jar"/> diff --git a/src/org/torproject/onionoo/DetailDataWriter.java b/src/org/torproject/onionoo/DetailDataWriter.java index 98f0cb1..35b6484 100644 --- a/src/org/torproject/onionoo/DetailDataWriter.java +++ b/src/org/torproject/onionoo/DetailDataWriter.java @@ -21,6 +21,8 @@ import java.util.TimeZone; import java.util.TreeMap; import java.util.TreeSet; +import org.apache.commons.lang.StringEscapeUtils; + import org.torproject.descriptor.BridgePoolAssignment; import org.torproject.descriptor.Descriptor; import org.torproject.descriptor.DescriptorFile; @@ -278,11 +280,14 @@ public class DetailDataWriter { } sb.append("\n]"); if (descriptor.getContact() != null) { - sb.append(",\n\"contact\":\"" + descriptor.getContact() + "\""); + sb.append(",\n\"contact\":\"" + + StringEscapeUtils.escapeJavaScript( + descriptor.getContact()) + "\""); } if (descriptor.getPlatform() != null) { - sb.append(",\n\"platform\":\"" + descriptor.getPlatform() - + "\""); + sb.append(",\n\"platform\":\"" + + StringEscapeUtils.escapeJavaScript( + descriptor.getPlatform()) + "\""); } if (descriptor.getFamilyEntries() != null) { sb.append(",\n\"family\":["); @@ -338,19 +343,24 @@ public class DetailDataWriter { sb.append(",\n\"longitude\":" + longitude); } if (countryName != null) { - sb.append(",\n\"country_name\":\"" + countryName + "\""); + sb.append(",\n\"country_name\":\"" + + StringEscapeUtils.escapeJavaScript(countryName) + "\""); } if (regionName != null) { - sb.append(",\n\"region_name\":\"" + regionName + "\""); + sb.append(",\n\"region_name\":\"" + + StringEscapeUtils.escapeJavaScript(regionName) + "\""); } if (cityName != null) { - sb.append(",\n\"city_name\":\"" + cityName + "\""); + sb.append(",\n\"city_name\":\"" + + StringEscapeUtils.escapeJavaScript(cityName) + "\""); } if (aSNumber != null) { - sb.append(",\n\"as_number\":\"" + aSNumber + "\""); + sb.append(",\n\"as_number\":\"" + + StringEscapeUtils.escapeJavaScript(aSNumber) + "\""); } if (cityName != null) { - sb.append(",\n\"as_name\":\"" + aSName + "\""); + sb.append(",\n\"as_name\":\"" + + StringEscapeUtils.escapeJavaScript(aSName) + "\""); } /* Add exit addresses if at least one of them is distinct from the @@ -482,7 +492,8 @@ public class DetailDataWriter { sb.append("\"desc_published\":\"" + publishedDateTime + "\",\n" + "\"last_restarted\":\"" + lastRestartedString + "\",\n" + "\"advertised_bandwidth\":" + advertisedBandwidth + ",\n" - + "\"platform\":\"" + descriptor.getPlatform() + "\""); + + "\"platform\":\"" + StringEscapeUtils.escapeJavaScript( + descriptor.getPlatform()) + "\""); descriptorParts = sb.toString(); }