diff options
| author | James Moger <james.moger@gitblit.com> | 2014-09-07 11:21:59 -0400 |
|---|---|---|
| committer | James Moger <james.moger@gitblit.com> | 2014-09-07 11:43:40 -0400 |
| commit | 11a1739389e9bafa0b89de910105967508b56dbf (patch) | |
| tree | 639f04dcce5713c9aa71b23dc3c89877e3688a35 /src/main/java/com/gitblit/wicket/pages | |
| parent | 209dbdd49a89d6e3cebf61e860c779a1d8561dd9 (diff) | |
| download | gitblit-11a1739389e9bafa0b89de910105967508b56dbf.tar.gz gitblit-11a1739389e9bafa0b89de910105967508b56dbf.zip | |
Enforce relaxed XSS filtering on markup documents
Diffstat (limited to 'src/main/java/com/gitblit/wicket/pages')
4 files changed, 4 insertions, 4 deletions
diff --git a/src/main/java/com/gitblit/wicket/pages/BlobPage.java b/src/main/java/com/gitblit/wicket/pages/BlobPage.java index 0938fcde..e84056b3 100644 --- a/src/main/java/com/gitblit/wicket/pages/BlobPage.java +++ b/src/main/java/com/gitblit/wicket/pages/BlobPage.java @@ -79,7 +79,7 @@ public class BlobPage extends RepositoryPage { }
// see if we should redirect to the doc page
- MarkupProcessor processor = new MarkupProcessor(app().settings());
+ MarkupProcessor processor = new MarkupProcessor(app().settings(), app().xssFilter());
for (String ext : processor.getMarkupExtensions()) {
if (ext.equals(extension)) {
setResponsePage(DocPage.class, params);
diff --git a/src/main/java/com/gitblit/wicket/pages/DocPage.java b/src/main/java/com/gitblit/wicket/pages/DocPage.java index c06d8065..567c6fbd 100644 --- a/src/main/java/com/gitblit/wicket/pages/DocPage.java +++ b/src/main/java/com/gitblit/wicket/pages/DocPage.java @@ -43,7 +43,7 @@ public class DocPage extends RepositoryPage { super(params);
final String path = WicketUtils.getPath(params).replace("%2f", "/").replace("%2F", "/");
- MarkupProcessor processor = new MarkupProcessor(app().settings());
+ MarkupProcessor processor = new MarkupProcessor(app().settings(), app().xssFilter());
Repository r = getRepository();
RevCommit commit = JGitUtils.getCommit(r, objectId);
diff --git a/src/main/java/com/gitblit/wicket/pages/DocsPage.java b/src/main/java/com/gitblit/wicket/pages/DocsPage.java index fc56ee07..a3d0f214 100644 --- a/src/main/java/com/gitblit/wicket/pages/DocsPage.java +++ b/src/main/java/com/gitblit/wicket/pages/DocsPage.java @@ -49,7 +49,7 @@ public class DocsPage extends RepositoryPage { public DocsPage(PageParameters params) {
super(params);
- MarkupProcessor processor = new MarkupProcessor(app().settings());
+ MarkupProcessor processor = new MarkupProcessor(app().settings(), app().xssFilter());
Repository r = getRepository();
RevCommit head = JGitUtils.getCommit(r, null);
diff --git a/src/main/java/com/gitblit/wicket/pages/SummaryPage.java b/src/main/java/com/gitblit/wicket/pages/SummaryPage.java index 090c0952..3cfa152e 100644 --- a/src/main/java/com/gitblit/wicket/pages/SummaryPage.java +++ b/src/main/java/com/gitblit/wicket/pages/SummaryPage.java @@ -138,7 +138,7 @@ public class SummaryPage extends RepositoryPage { MarkupDocument markupDoc = null;
RevCommit head = JGitUtils.getCommit(r, null);
if (head != null) {
- MarkupProcessor processor = new MarkupProcessor(app().settings());
+ MarkupProcessor processor = new MarkupProcessor(app().settings(), app().xssFilter());
markupDoc = processor.getReadme(r, repositoryName, getBestCommitId(head));
}
if (markupDoc == null || markupDoc.markup == null) {
|