diff options
author | Zipeng WU <zipeng.wu@sonarsource.com> | 2021-03-29 15:50:52 +0200 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2021-04-19 20:03:40 +0000 |
commit | a12c41da418594d9cf556ebfde3477d20e8ecef4 (patch) | |
tree | b1f976df0c89dc9877c8e1692b2a694d0b5a9800 /sonar-plugin-api/src | |
parent | 9e0d06262a0bb9bc262f228688c7989e92fea486 (diff) | |
download | sonarqube-a12c41da418594d9cf556ebfde3477d20e8ecef4.tar.gz sonarqube-a12c41da418594d9cf556ebfde3477d20e8ecef4.zip |
SONAR-14642 - SSF-142
Diffstat (limited to 'sonar-plugin-api/src')
-rw-r--r-- | sonar-plugin-api/src/main/java/org/sonar/api/utils/text/JsonWriter.java | 1 | ||||
-rw-r--r-- | sonar-plugin-api/src/test/java/org/sonar/api/utils/text/JsonWriterTest.java | 10 |
2 files changed, 10 insertions, 1 deletions
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/utils/text/JsonWriter.java b/sonar-plugin-api/src/main/java/org/sonar/api/utils/text/JsonWriter.java index 132978badd3..569045ff18f 100644 --- a/sonar-plugin-api/src/main/java/org/sonar/api/utils/text/JsonWriter.java +++ b/sonar-plugin-api/src/main/java/org/sonar/api/utils/text/JsonWriter.java @@ -74,6 +74,7 @@ public class JsonWriter implements AutoCloseable { this.stream = new com.google.gson.stream.JsonWriter(writer); this.stream.setSerializeNulls(false); this.stream.setLenient(false); + this.stream.setHtmlSafe(true); this.serializeEmptyStrings = true; } diff --git a/sonar-plugin-api/src/test/java/org/sonar/api/utils/text/JsonWriterTest.java b/sonar-plugin-api/src/test/java/org/sonar/api/utils/text/JsonWriterTest.java index ad523fb74f9..9ae97fcfa35 100644 --- a/sonar-plugin-api/src/test/java/org/sonar/api/utils/text/JsonWriterTest.java +++ b/sonar-plugin-api/src/test/java/org/sonar/api/utils/text/JsonWriterTest.java @@ -152,7 +152,15 @@ public class JsonWriterTest { underTest.beginObject() .prop("foo", "<hello \"world\">") .endObject().close(); - expect("{\"foo\":\"<hello \\\"world\\\">\"}"); + expect("{\"foo\":\"\\u003chello \\\"world\\\"\\u003e\"}"); + } + + @Test + public void escape_html_characters() { + underTest.beginObject() + .prop("foo", "123<>abc") + .endObject().close(); + expect("{\"foo\":\"123\\u003c\\u003eabc\"}"); } @Test |