Update JSoup to version 1.16.2. This requires renaming `Whitelist` to `Safelist`, because the class name was changed in version 1.15.1 in a breaking change.
@@ -95,7 +95,7 @@ | |||
<classpathentry kind="lib" path="ext/commons-pool2-2.0.jar" sourcepath="ext/src/commons-pool2-2.0.jar" /> | |||
<classpathentry kind="lib" path="ext/pf4j-0.9.0.jar" sourcepath="ext/src/pf4j-0.9.0.jar" /> | |||
<classpathentry kind="lib" path="ext/tika-core-1.5.jar" sourcepath="ext/src/tika-core-1.5.jar" /> | |||
<classpathentry kind="lib" path="ext/jsoup-1.7.3.jar" sourcepath="ext/src/jsoup-1.7.3.jar" /> | |||
<classpathentry kind="lib" path="ext/jsoup-1.16.2.jar" sourcepath="ext/src/jsoup-1.16.2.jar" /> | |||
<classpathentry kind="lib" path="ext/javax.activation-1.2.0.jar" sourcepath="ext/src/javax.activation-1.2.0.jar" /> | |||
<classpathentry kind="lib" path="ext/junit-4.12.jar" sourcepath="ext/src/junit-4.12.jar" /> | |||
<classpathentry kind="lib" path="ext/hamcrest-core-1.3.jar" sourcepath="ext/src/hamcrest-core-1.3.jar" /> |
@@ -191,7 +191,7 @@ dependencies: | |||
- compile 'redis.clients:jedis:2.6.2' :war | |||
- compile 'ro.fortsoft.pf4j:pf4j:0.9.0' :war | |||
- compile 'org.apache.tika:tika-core:1.5' :war | |||
- compile 'org.jsoup:jsoup:1.7.3' :war | |||
- compile 'org.jsoup:jsoup:1.16.2' :war | |||
- compile 'com.sun.activation:javax.activation:1.2.0' :war :manager :fedclient | |||
- test 'junit:junit:4.12' | |||
# Dependencies for Selenium web page testing |
@@ -988,13 +988,13 @@ | |||
</library> | |||
</orderEntry> | |||
<orderEntry type="module-library"> | |||
<library name="jsoup-1.7.3.jar"> | |||
<library name="jsoup-1.16.2.jar"> | |||
<CLASSES> | |||
<root url="jar://$MODULE_DIR$/ext/jsoup-1.7.3.jar!/" /> | |||
<root url="jar://$MODULE_DIR$/ext/jsoup-1.16.2.jar!/" /> | |||
</CLASSES> | |||
<JAVADOC /> | |||
<SOURCES> | |||
<root url="jar://$MODULE_DIR$/ext/src/jsoup-1.7.3.jar!/" /> | |||
<root url="jar://$MODULE_DIR$/ext/src/jsoup-1.16.2.jar!/" /> | |||
</SOURCES> | |||
</library> | |||
</orderEntry> |
@@ -18,7 +18,7 @@ package com.gitblit.utils; | |||
import org.jsoup.Jsoup; | |||
import org.jsoup.nodes.Document; | |||
import org.jsoup.safety.Cleaner; | |||
import org.jsoup.safety.Whitelist; | |||
import org.jsoup.safety.Safelist; | |||
import com.google.inject.Inject; | |||
import com.google.inject.Singleton; | |||
@@ -38,7 +38,7 @@ public class JSoupXssFilter implements XssFilter { | |||
@Inject | |||
public JSoupXssFilter() { | |||
none = new Cleaner(Whitelist.none()); | |||
none = new Cleaner(Safelist.none()); | |||
relaxed = new Cleaner(getRelaxedWhiteList()); | |||
} | |||
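Review bot: The constructor still calls the overridable `getRelaxedWhiteList()` on the line after the changed one, so a subclass override runs before that subclass's own fields are initialised. For the class that builds the XSS filter, this means the `relaxed` cleaner could be constructed from half-initialised state without any error. Either build the list in a private static helper that the protected method delegates to, or document the constraint on the method with a comment such as `// called from the constructor: overrides must not read subclass fields`. The class body starts and ends outside this hunk.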
@@ -64,8 +64,8 @@ public class JSoupXssFilter implements XssFilter { | |||
* https://github.com/github/markup/tree/master#html-sanitization | |||
* @return a loose HTML whitelist | |||
*/ | |||
protected Whitelist getRelaxedWhiteList() { | |||
return new Whitelist() | |||
protected Safelist getRelaxedWhiteList() { | |||
return new Safelist() | |||
.addTags( | |||
"a", "b", "blockquote", "br", "caption", "cite", "code", "col", | |||
"colgroup", "dd", "del", "div", "dl", "dt", "em", "h1", "h2", "h3", "h4", "h5", "h6", "hr", |
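Review bot: Changing the return type of the protected `getRelaxedWhiteList()` from `Whitelist` to `Safelist` breaks any subclass that overrides it, and the commit message only mentions the jsoup-side rename; this deserves a line in the release notes. The method name and the Javadoc `@return a loose HTML whitelist` keep the old term, so the Javadoc could read `@return a loose HTML safelist`. Because this list decides which tags and attributes survive sanitisation, a regression test that pins the output of the `none` and `relaxed` cleaners on representative markup would confirm the library jump did not change what the filter lets through; no such test is visible on this page. The method body continues past the end of the hunk.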