
cxf-fediz git commit: Remove ESAPI


cxf-fediz git commit: Remove ESAPI

coheigea
Administrator
Repository: cxf-fediz
Updated Branches:
  refs/heads/master 19d9a9d29 -> aabc68bd5


Remove ESAPI


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/aabc68bd
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/aabc68bd
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/aabc68bd

Branch: refs/heads/master
Commit: aabc68bd5e0bfc43795fb800ddce3f845104e7bf
Parents: 19d9a9d
Author: Colm O hEigeartaigh <[hidden email]>
Authored: Wed May 17 17:29:57 2017 +0100
Committer: Colm O hEigeartaigh <[hidden email]>
Committed: Wed May 17 17:29:57 2017 +0100

----------------------------------------------------------------------
 apache-fediz/src/main/release/NOTICE                  | 14 --------------
 pom.xml                                               |  1 -
 services/oidc/pom.xml                                 |  6 +++---
 .../oidc/logout/LogoutRedirectConstraintHandler.java  |  2 +-
 services/oidc/src/main/resources/ESAPI.properties     |  1 -
 .../oidc/src/main/webapp/WEB-INF/views/client.jsp     |  4 ++--
 .../main/webapp/WEB-INF/views/clientCodeGrants.jsp    |  4 ++--
 .../src/main/webapp/WEB-INF/views/clientTokens.jsp    |  4 ++--
 .../webapp/WEB-INF/views/oAuthAuthorizationData.jsp   |  4 ++--
 .../main/webapp/WEB-INF/views/registeredClients.jsp   |  4 ++--
 10 files changed, 14 insertions(+), 30 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/apache-fediz/src/main/release/NOTICE
----------------------------------------------------------------------
diff --git a/apache-fediz/src/main/release/NOTICE b/apache-fediz/src/main/release/NOTICE
index 94dc41e..a40b89d 100644
--- a/apache-fediz/src/main/release/NOTICE
+++ b/apache-fediz/src/main/release/NOTICE
@@ -35,17 +35,3 @@ The source code is available at:
 
 OpenJPA includes software written by Miroslav Nachev
 
-This project bundles Batik, which contains code from the World Wide Web
-Consortium (W3C) for the Document Object Model API (DOM API) and SVG Document
-Type Definition (DTD).
-
-This project bundles Batik which contains code from the International
-Organisation for Standardization for the definition of character entities used
-in the software's documentation.
-
-This project bundles Batik which includes images from the Tango Desktop Project
-(http://tango.freedesktop.org/).
-
-This product bundles Batik which includes images from the Pasodoble Icon Theme
-(http://www.jesusda.com/projects/pasodoble).
-

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index edb3c45..dd838fe 100644
--- a/pom.xml
+++ b/pom.xml
@@ -50,7 +50,6 @@
         <easymock.version>3.4</easymock.version>
         <ecj.version>4.6.1</ecj.version>
         <ehcache.version>2.10.3</ehcache.version>
-        <esapi.version>2.1.0.1</esapi.version>
         <httpclient.version>4.3.5</httpclient.version>
         <hsqldb.version>2.3.4</hsqldb.version>
         <htmlunit.version>2.24</htmlunit.version>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/services/oidc/pom.xml
----------------------------------------------------------------------
diff --git a/services/oidc/pom.xml b/services/oidc/pom.xml
index 4e1abfe..c502411 100644
--- a/services/oidc/pom.xml
+++ b/services/oidc/pom.xml
@@ -78,9 +78,9 @@
             <version>${commons.validator.version}</version>
         </dependency>
         <dependency>
-            <groupId>org.owasp.esapi</groupId>
-            <artifactId>esapi</artifactId>
-            <version>${esapi.version}</version>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-lang3</artifactId>
+            <version>${commons.lang.version}</version>
         </dependency>
         <!--
         <dependency>
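Review bot: The HTML output encoding for the OIDC views now depends on `commons-lang3` at `${commons.lang.version}`, a property whose definition is not in any visible hunk (the root pom.xml hunk only removes `esapi.version`), so confirm it is declared in the parent. From commons-lang3 3.6 onward `StringEscapeUtils` is deprecated in favour of the one in commons-text, so a later version bump will start producing deprecation warnings on every JSP touched here. A comment on this dependency such as `<!-- used for HTML escaping in WEB-INF/views/*.jsp -->` would make that coupling visible to whoever next changes the version.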

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java
index 150746a..cb0521c 100644
--- a/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java
+++ b/services/oidc/src/main/java/org/apache/cxf/fediz/service/oidc/logout/LogoutRedirectConstraintHandler.java
@@ -29,7 +29,7 @@ import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.servlet.http.HttpServletRequest;
 
-import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.cxf.fediz.core.spi.ReplyConstraintCallback;
 import org.apache.cxf.fediz.service.oidc.handler.hrd.ApplicationContextProvider;
 import org.apache.cxf.rs.security.oauth2.common.Client;

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/services/oidc/src/main/resources/ESAPI.properties
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/resources/ESAPI.properties b/services/oidc/src/main/resources/ESAPI.properties
deleted file mode 100644
index 077737c..0000000
--- a/services/oidc/src/main/resources/ESAPI.properties
+++ /dev/null
@@ -1 +0,0 @@
-ESAPI.Encoder=org.owasp.esapi.reference.DefaultEncoder

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/services/oidc/src/main/webapp/WEB-INF/views/client.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/client.jsp b/services/oidc/src/main/webapp/WEB-INF/views/client.jsp
index 0c43fff..d5274e0 100644
--- a/services/oidc/src/main/webapp/WEB-INF/views/client.jsp
+++ b/services/oidc/src/main/webapp/WEB-INF/views/client.jsp
@@ -5,7 +5,7 @@
 <%@ page import="java.util.TimeZone"%>
 <%@ page import="javax.servlet.http.HttpServletRequest" %>
 <%@ page import="org.apache.cxf.fediz.service.oidc.CSRFUtils" %>
-<%@ page import="org.owasp.esapi.ESAPI" %>
+<%@ page import="org.apache.commons.lang3.StringEscapeUtils" %>
 
 <%
  Client client = (Client)request.getAttribute("data");
@@ -77,7 +77,7 @@
 </head>
 <body>
 <div class="padded">
-<h1><%= ESAPI.encoder().encodeForHTML(client.getApplicationName()) %></h1>
+<h1><%= StringEscapeUtils.escapeHtml4(client.getApplicationName()) %></h1>
 <br/>
 <table border="1" id=client>
     <%
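Review bot: `StringEscapeUtils.escapeHtml4` on the `<h1>` line is not a drop-in equivalent of `ESAPI.encoder().encodeForHTML`: it escapes `&`, `<`, `>` and `"` but leaves the apostrophe and other punctuation untouched, whereas the ESAPI encoder entity-encodes nearly every non-alphanumeric character. That is sufficient here because the value lands in element content, but it would not be safe if the call were later copied into a single-quoted or unquoted attribute or a script block. A JSP comment next to the call, e.g. `<%-- escapeHtml4: element-content context only; do not reuse in attribute or script context --%>`, would record that constraint. The same applies to the matching replacements in the other four JSPs in this commit.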

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/services/oidc/src/main/webapp/WEB-INF/views/clientCodeGrants.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/clientCodeGrants.jsp b/services/oidc/src/main/webapp/WEB-INF/views/clientCodeGrants.jsp
index 8254c50..b8fd3d1 100644
--- a/services/oidc/src/main/webapp/WEB-INF/views/clientCodeGrants.jsp
+++ b/services/oidc/src/main/webapp/WEB-INF/views/clientCodeGrants.jsp
@@ -8,7 +8,7 @@
 <%@ page import="javax.servlet.http.HttpServletRequest" %>
 <%@ page import="org.apache.cxf.fediz.service.oidc.CSRFUtils" %>
 <%@ page import="org.apache.cxf.fediz.service.oidc.clients.ClientCodeGrants" %>
-<%@ page import="org.owasp.esapi.ESAPI" %>
+<%@ page import="org.apache.commons.lang3.StringEscapeUtils" %>
 
 <%
  ClientCodeGrants tokens = (ClientCodeGrants)request.getAttribute("data");
@@ -46,7 +46,7 @@
 </head>
 <body>
 <div class="padded">
-<h1>Code Grants issued to <%= ESAPI.encoder().encodeForHTML(client.getApplicationName()) + " (" + client.getClientId() + ")"%></h1>
+<h1>Code Grants issued to <%= StringEscapeUtils.escapeHtml4(client.getApplicationName()) + " (" + client.getClientId() + ")"%></h1>
 <br/>
 <table border="1">
     <tr><th>ID</th><th>Issue Date</th><th>Expiry Date</th><th>Action</th></tr>
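Review bot: On the changed `<h1>` line only the application name passes through `escapeHtml4`; `client.getClientId()` is concatenated into the output raw. The hunk does not show how client IDs are generated, so if they can ever be caller-influenced the whole expression should be escaped: `<%= StringEscapeUtils.escapeHtml4(client.getApplicationName() + " (" + client.getClientId() + ")") %>`. The same pattern appears in the `<h1>` of clientTokens.jsp and in registeredClients.jsp, where the ID is also written unescaped into the `href` attribute and the following `<td>`.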

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/services/oidc/src/main/webapp/WEB-INF/views/clientTokens.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/clientTokens.jsp b/services/oidc/src/main/webapp/WEB-INF/views/clientTokens.jsp
index ed96511..b5a76fc 100644
--- a/services/oidc/src/main/webapp/WEB-INF/views/clientTokens.jsp
+++ b/services/oidc/src/main/webapp/WEB-INF/views/clientTokens.jsp
@@ -9,7 +9,7 @@
 <%@ page import="javax.servlet.http.HttpServletRequest" %>
 <%@ page import="org.apache.cxf.fediz.service.oidc.CSRFUtils" %>
 <%@ page import="org.apache.cxf.fediz.service.oidc.clients.ClientTokens" %>
-<%@ page import="org.owasp.esapi.ESAPI" %>
+<%@ page import="org.apache.commons.lang3.StringEscapeUtils" %>
 
 <%
  ClientTokens tokens = (ClientTokens)request.getAttribute("data");
@@ -48,7 +48,7 @@
  </STYLE>
 </head>
 <body>
-<h1>Tokens issued to <%= ESAPI.encoder().encodeForHTML(client.getApplicationName()) + " (" + client.getClientId() + ")"%></h1>
+<h1>Tokens issued to <%= StringEscapeUtils.escapeHtml4(client.getApplicationName()) + " (" + client.getClientId() + ")"%></h1>
 <br/>
 <div class="padded">
 <h2>Access Tokens</h2>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp b/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp
index 5218bea..4ea6c2a 100644
--- a/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp
+++ b/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp
@@ -2,7 +2,7 @@
 <%@ page import="java.util.List" %>
 <%@ page import="org.apache.cxf.rs.security.oauth2.common.OAuthAuthorizationData" %>
 <%@ page import="org.apache.cxf.rs.security.oauth2.common.OAuthPermission" %>
-<%@ page import="org.owasp.esapi.ESAPI" %>
+<%@ page import="org.apache.commons.lang3.StringEscapeUtils" %>
 
 
 <%
@@ -77,7 +77,7 @@
                             }
                         %>
 
-                        <h2>Would you like to grant <%= ESAPI.encoder().encodeForHTML(data.getApplicationName()) %><br />the following permissions:</h2>
+                        <h2>Would you like to grant <%= StringEscapeUtils.escapeHtml4(data.getApplicationName()) %><br />the following permissions:</h2>
 
                         <table>
                             <%

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/aabc68bd/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp b/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp
index 009cccf..4fa7600 100644
--- a/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp
+++ b/services/oidc/src/main/webapp/WEB-INF/views/registeredClients.jsp
@@ -6,7 +6,7 @@
 <%@ page import="java.util.TimeZone"%>
 <%@ page import="javax.servlet.http.HttpServletRequest" %>
 <%@ page import="org.apache.cxf.fediz.service.oidc.clients.RegisteredClients" %>
-<%@ page import="org.owasp.esapi.ESAPI" %>
+<%@ page import="org.apache.commons.lang3.StringEscapeUtils" %>
 
 <%
  Collection<Client> regs = ((RegisteredClients)request.getAttribute("data")).getClients();
@@ -52,7 +52,7 @@
     %>
        <tr>
            <td><a href="<%= basePath + "console/clients/" + client.getClientId() %>"><%=
-               ESAPI.encoder().encodeForHTML(client.getApplicationName()) %></a></td>
+               StringEscapeUtils.escapeHtml4(client.getApplicationName()) %></a></td>
            <td>
               <%= client.getClientId() %>
            </td>
