From 0ec76fc3d51c4e229d9bd4070df086b4e7eafa04 Mon Sep 17 00:00:00 2001
From: Julien Lancelot <julien.lancelot@gmail.com>
Date: Mon, 12 Aug 2013 13:25:44 +0200
Subject: [PATCH] SONAR-4269 Remove display of resource name to prevent XSS
 issue

---
 .../webapp/WEB-INF/app/controllers/api/sources_controller.rb  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/sources_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/sources_controller.rb
index 186cfc54c20..4b20259238b 100644
--- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/sources_controller.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/api/sources_controller.rb
@@ -27,7 +27,7 @@ class Api::SourcesController < Api::RestController
     if resource_id
       @resource=Project.by_key(resource_id)
       if @resource.nil?
-        rest_status_ko("Resource [#{resource_id}] not found", 404)
+        rest_status_ko('Resource not found', 404)
         return
       end
     end
@@ -35,7 +35,7 @@ class Api::SourcesController < Api::RestController
 
     source = @resource.last_snapshot.source
     if !source
-      rest_status_ko("Resource [#{@resource.id}] has no sources", 404)
+      rest_status_ko('Resource has no sources', 404)
     else
       #optimization
       #source.snapshot.project=@resource
-- 
2.39.5