SONAR-4269 Remove display of resource name to prevent XSS issue

author Julien Lancelot <julien.lancelot@gmail.com>

Mon, 12 Aug 2013 11:25:44 +0000 (13:25 +0200)

committer Julien Lancelot <julien.lancelot@gmail.com>

Mon, 12 Aug 2013 12:37:24 +0000 (14:37 +0200)
author Julien Lancelot <julien.lancelot@gmail.com>
Mon, 12 Aug 2013 11:25:44 +0000 (13:25 +0200)
committer Julien Lancelot <julien.lancelot@gmail.com>
Mon, 12 Aug 2013 12:37:24 +0000 (14:37 +0200)
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/sources_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/sources_controller.rb

index 186cfc54c2001c7c147ae1bc4f778ab532bc844f..4b20259238bf631319ccf83ef3dde578122e5cb4 100644 (file)
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/sources_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/sources_controller.rb
@@ -27,7 +27,7 @@ class Api::SourcesController < Api::RestController
      if resource_id
        @resource=Project.by_key(resource_id)
        if @resource.nil?
-        rest_status_ko("Resource [#{resource_id}] not found", 404)
+        rest_status_ko('Resource not found', 404)
          return
        end
      end
@@ -35,7 +35,7 @@ class Api::SourcesController < Api::RestController
  
      source = @resource.last_snapshot.source
      if !source
-      rest_status_ko("Resource [#{@resource.id}] has no sources", 404)
+      rest_status_ko('Resource has no sources', 404)
      else
        #optimization
        #source.snapshot.project=@resource
author	Julien Lancelot <julien.lancelot@gmail.com>
	Mon, 12 Aug 2013 11:25:44 +0000 (13:25 +0200)
committer	Julien Lancelot <julien.lancelot@gmail.com>
	Mon, 12 Aug 2013 12:37:24 +0000 (14:37 +0200)