SONAR-5758 Use CSV escaping to send custom rule parameters

author Jean-Baptiste Lievremont <jean-baptiste.lievremont@sonarsource.com>

Wed, 22 Oct 2014 08:49:32 +0000 (10:49 +0200)

committer Jean-Baptiste Lievremont <jean-baptiste.lievremont@sonarsource.com>

Wed, 22 Oct 2014 09:04:28 +0000 (11:04 +0200)
author Jean-Baptiste Lievremont <jean-baptiste.lievremont@sonarsource.com>
Wed, 22 Oct 2014 08:49:32 +0000 (10:49 +0200)
committer Jean-Baptiste Lievremont <jean-baptiste.lievremont@sonarsource.com>
Wed, 22 Oct 2014 09:04:28 +0000 (11:04 +0200)
diff --git a/server/sonar-web/Gruntfile.coffee b/server/sonar-web/Gruntfile.coffee

index 5cef7cbd1dc72c9d5eed376728932b10eeeb2720..c7453a8d1f3db33c559848d09c1cf8782271056c 100644 (file)
--- a/server/sonar-web/Gruntfile.coffee
+++ b/server/sonar-web/Gruntfile.coffee
@@ -98,6 +98,7 @@ module.exports = (grunt) ->
              '<%= pkg.assets %>js/common/inputs.js'
              '<%= pkg.assets %>js/common/dialogs.js'
              '<%= pkg.assets %>js/application.js'
+            '<%= pkg.assets %>js/csv.js'
              '<%= pkg.assets %>js/dashboard.js'
              '<%= pkg.assets %>js/duplication.js'
              '<%= pkg.assets %>js/resource.js'
@@ -131,6 +132,7 @@ module.exports = (grunt) ->
              '<%= pkg.assets %>js/common/inputs.js'
              '<%= pkg.assets %>js/common/dialogs.js'
              '<%= pkg.assets %>js/application.js'
+            '<%= pkg.assets %>js/csv.js'
              '<%= pkg.assets %>js/dashboard.js'
              '<%= pkg.assets %>js/duplication.js'
              '<%= pkg.assets %>js/resource.js'
diff --git a/server/sonar-web/src/main/coffee/coding-rules/views/coding-rules-custom-rule-creation-view.coffee b/server/sonar-web/src/main/coffee/coding-rules/views/coding-rules-custom-rule-creation-view.coffee

index 4728cb45e5ba1b117f827e29b1b4ef014f24aec0..1ba1dd04288de5f4b04b76dd8226751c1604c5be 100644 (file)
--- a/server/sonar-web/src/main/coffee/coding-rules/views/coding-rules-custom-rule-creation-view.coffee
+++ b/server/sonar-web/src/main/coffee/coding-rules/views/coding-rules-custom-rule-creation-view.coffee
@@ -74,7 +74,7 @@ define [
            value = node.prop('placeholder') || ''
          key: node.prop('name'), value: value).get()
  
-      postData.params = (params.map (param) -> param.key + '=' + param.value).join(';')
+      postData.params = (params.map (param) -> param.key + '=' + window.csvEscape(param.value)).join(';')
        @sendRequest(action, postData)
  
  
diff --git a/server/sonar-web/src/main/js/csv.js b/server/sonar-web/src/main/js/csv.js

new file mode 100644 (file)

index 0000000..fcca34e
--- /dev/null
+++ b/server/sonar-web/src/main/js/csv.js
@@ -0,0 +1,8 @@
+(function() {
+
+  window.csvEscape = function(value) {
+    var escaped = value.replace(/"/g, '\\"');
+    return '"' + escaped + '"';
+  };
+
+})();
author	Jean-Baptiste Lievremont <jean-baptiste.lievremont@sonarsource.com>
	Wed, 22 Oct 2014 08:49:32 +0000 (10:49 +0200)
committer	Jean-Baptiste Lievremont <jean-baptiste.lievremont@sonarsource.com>
	Wed, 22 Oct 2014 09:04:28 +0000 (11:04 +0200)
server/sonar-web/Gruntfile.coffee		patch \| blob \| history
server/sonar-web/src/main/coffee/coding-rules/views/coding-rules-custom-rule-creation-view.coffee		patch \| blob \| history
server/sonar-web/src/main/js/csv.js	[new file with mode: 0644]	patch \| blob