[tor-commits] [onionoo/master] Escape "s in AS names and other fields.
karsten at torproject.org
karsten at torproject.org
Mon Mar 5 09:21:12 UTC 2012
commit d88a69b1626d1ac298d2f7fb1c2d2807223c2f9a
Author: Karsten Loesing <karsten.loesing at gmx.net>
Date: Mon Mar 5 10:20:44 2012 +0100
Escape "s in AS names and other fields.
---
build.xml | 1 +
src/org/torproject/onionoo/DetailDataWriter.java | 29 +++++++++++++++-------
2 files changed, 21 insertions(+), 9 deletions(-)
diff --git a/build.xml b/build.xml
index 995fa2f..652a49b 100644
--- a/build.xml
+++ b/build.xml
@@ -11,6 +11,7 @@
<path id="classpath">
<pathelement path="${classes}"/>
<pathelement location="lib/commons-codec-1.4.jar"/>
+ <pathelement location="lib/commons-lang-2.5.jar"/>
<pathelement location="lib/servlet-api.jar"/>
<pathelement location="lib/descriptor.jar"/>
<pathelement location="lib/maxmindgeoip.jar"/>
diff --git a/src/org/torproject/onionoo/DetailDataWriter.java b/src/org/torproject/onionoo/DetailDataWriter.java
index 98f0cb1..35b6484 100644
--- a/src/org/torproject/onionoo/DetailDataWriter.java
+++ b/src/org/torproject/onionoo/DetailDataWriter.java
@@ -21,6 +21,8 @@ import java.util.TimeZone;
import java.util.TreeMap;
import java.util.TreeSet;
+import org.apache.commons.lang.StringEscapeUtils;
+
import org.torproject.descriptor.BridgePoolAssignment;
import org.torproject.descriptor.Descriptor;
import org.torproject.descriptor.DescriptorFile;
@@ -278,11 +280,14 @@ public class DetailDataWriter {
}
sb.append("\n]");
if (descriptor.getContact() != null) {
- sb.append(",\n\"contact\":\"" + descriptor.getContact() + "\"");
+ sb.append(",\n\"contact\":\""
+ + StringEscapeUtils.escapeJavaScript(
+ descriptor.getContact()) + "\"");
}
if (descriptor.getPlatform() != null) {
- sb.append(",\n\"platform\":\"" + descriptor.getPlatform()
- + "\"");
+ sb.append(",\n\"platform\":\""
+ + StringEscapeUtils.escapeJavaScript(
+ descriptor.getPlatform()) + "\"");
}
if (descriptor.getFamilyEntries() != null) {
sb.append(",\n\"family\":[");
@@ -338,19 +343,24 @@ public class DetailDataWriter {
sb.append(",\n\"longitude\":" + longitude);
}
if (countryName != null) {
- sb.append(",\n\"country_name\":\"" + countryName + "\"");
+ sb.append(",\n\"country_name\":\""
+ + StringEscapeUtils.escapeJavaScript(countryName) + "\"");
}
if (regionName != null) {
- sb.append(",\n\"region_name\":\"" + regionName + "\"");
+ sb.append(",\n\"region_name\":\""
+ + StringEscapeUtils.escapeJavaScript(regionName) + "\"");
}
if (cityName != null) {
- sb.append(",\n\"city_name\":\"" + cityName + "\"");
+ sb.append(",\n\"city_name\":\""
+ + StringEscapeUtils.escapeJavaScript(cityName) + "\"");
}
if (aSNumber != null) {
- sb.append(",\n\"as_number\":\"" + aSNumber + "\"");
+ sb.append(",\n\"as_number\":\""
+ + StringEscapeUtils.escapeJavaScript(aSNumber) + "\"");
}
if (cityName != null) {
- sb.append(",\n\"as_name\":\"" + aSName + "\"");
+ sb.append(",\n\"as_name\":\""
+ + StringEscapeUtils.escapeJavaScript(aSName) + "\"");
}
/* Add exit addresses if at least one of them is distinct from the
@@ -482,7 +492,8 @@ public class DetailDataWriter {
sb.append("\"desc_published\":\"" + publishedDateTime + "\",\n"
+ "\"last_restarted\":\"" + lastRestartedString + "\",\n"
+ "\"advertised_bandwidth\":" + advertisedBandwidth + ",\n"
- + "\"platform\":\"" + descriptor.getPlatform() + "\"");
+ + "\"platform\":\"" + StringEscapeUtils.escapeJavaScript(
+ descriptor.getPlatform()) + "\"");
descriptorParts = sb.toString();
}
More information about the tor-commits
mailing list