-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CLOUDSTACK-10153: Introduce string API arg trust validation #2336
Conversation
Thanks for this enhancement @rhtyd |
@borisstoyanov a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. |
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-1287 |
@blueorangutan test |
@borisstoyanov a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests |
@borisstoyanov looks like there is something really wrong with the changes, let me test as all the travis jobs failed. |
Adds new API string argument/field validator that validates the string as untrusted HTML using owasp's java-html-sanitizer. This also adds a API argument validator type to skip validations, useful for fields such as certificates and keys. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
c0eb789
to
bea1198
Compare
@blueorangutan package |
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. |
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-1290 |
@blueorangutan test |
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests |
Trillian test result (tid-1690)
|
@blueorangutan test |
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests |
@blueorangutan test |
@borisstoyanov a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests |
Trillian test result (tid-1723)
|
Due to several failures, I'll close this one now and may work in future. |
Adds new API string argument/field validator that validates the string
as untrusted HTML using owasp's java-html-sanitizer. This also adds
a API argument validator type to skip validations, useful for fields
such as certificates and keys.
Signed-off-by: Rohit Yadav rohit.yadav@shapeblue.com