Skip to content
This repository has been archived by the owner. It is now read-only.

Html-encode stack trace details #612

Closed
kenston opened this issue Sep 2, 2016 · 5 comments
Closed

Html-encode stack trace details #612

kenston opened this issue Sep 2, 2016 · 5 comments
Labels

Comments

@kenston
Copy link

@kenston kenston commented Sep 2, 2016

When using the ExtentTest.log(LogStatus logStatus, Throwable t) method, the stack trace message of the passed throwable may contain some HTML tags. However, HTML-encoding (conversion to HTML entities) was not performed.

A sample stacktrace

Sample issue
Caused by: IllegalArgumentException: String [<td></td>] is not allowed.
    at com.sample.test(Sample.java:31)
    at com.sample.test(Sample.java:21)

will simply be included in the reports as

<tr>
<td class='status error' title='error' alt='error'><i class='mdi-alert-error'></i></td>
<td class='timestamp'>17:50:33</td>
<td class='step-details'><pre>Sample issue
Caused by: IllegalArgumentException: String [<td></td>] is not allowed.
    at com.sample.test(Sample.java:31)
    at com.sample.test(Sample.java:21)
</pre></td>
</tr>

The HTML part <td></td> will be rendered and may affect/deface the report presentation.

@anshooarora anshooarora added the bug label Sep 6, 2016
@anshooarora
Copy link
Owner

@anshooarora anshooarora commented Sep 6, 2016

The ability to add HTML needs to be added. For now, is it possible to replace:

< with &lt;
> with &gt;

before adding the log? This will prevent malformed markup.

@kenston
Copy link
Author

@kenston kenston commented Sep 7, 2016

For logging using the method log(LogStatus logStatus, String details) this seems OK; however with log(LogStatus logStatus, Throwable t) this means we have to alter the exception message to make it work.

@anshooarora
Copy link
Owner

@anshooarora anshooarora commented Sep 7, 2016

Working on the fix, will be released in the next version (targeting this week).

@anshooarora
Copy link
Owner

@anshooarora anshooarora commented Sep 7, 2016

Can you please try with the attached jar file and let me know if it works?

extentreports-java-2.41.2.jar.zip

I have kept converting of log(LogStatus logStatus, String details) manual, as users may have HTML tags they would like to inject here.

This log(LogStatus logStatus, Throwable t) will enclose any HTML/XML tags in a textarea so the page does not become malformed.

@kenston
Copy link
Author

@kenston kenston commented Sep 8, 2016

@anshooarora it fixes the issue. May I suggest that we enable horizontal scrolling (rather than wrapping) when we style the textarea? Thanks!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants