From d898f41becdc8239e1575b0d11559bb9bb39bfda Mon Sep 17 00:00:00 2001 From: Manuel Leduc Date: Thu, 25 Jan 2024 15:57:50 +0100 Subject: [PATCH] XWIKI-21810: Improve suggest URL escaping in StringClass * Remove usage of a deprecated API in StringClass * Improved formatting for StringClassTest (cherry picked from commit 049871115da41d56e29bc7610ae6252c6ba705df) --- .../xwiki/objects/classes/StringClass.java | 11 ++++------ .../objects/classes/StringClassTest.java | 22 ++++++++++--------- 2 files changed, 16 insertions(+), 17 deletions(-) diff --git a/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/objects/classes/StringClass.java b/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/objects/classes/StringClass.java index 6b670225a02d..4fa41961b5f6 100644 --- a/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/objects/classes/StringClass.java +++ b/xwiki-platform-core/xwiki-platform-oldcore/src/main/java/com/xpn/xwiki/objects/classes/StringClass.java @@ -23,6 +23,7 @@ import java.util.Map; import org.apache.ecs.xhtml.input; +import org.xwiki.model.reference.LocalDocumentReference; import org.xwiki.velocity.tools.EscapeTool; import org.xwiki.xml.XMLUtils; @@ -132,14 +133,10 @@ private void displayPickerEdit(input input) input.setClass("suggested"); XWikiContext xWikiContext = getXWikiContext(); XWiki xwiki = xWikiContext.getWiki(); - String path = xwiki.getURL("Main.WebHome", "view", xWikiContext); - StringBuilder stringBuilder = new StringBuilder(); - stringBuilder.append(path); - stringBuilder.append('?'); - stringBuilder.append(new EscapeTool().url(getParametersMap())); - stringBuilder.append('&'); + String path = xwiki.getURL(new LocalDocumentReference("Main", "WebHome"), "view", xWikiContext); + String stringBuilder = String.format("%s?%s&", path, new EscapeTool().url(getParametersMap())); input.setOnFocus(String.format("new ajaxSuggest(this, {script:\"%s\", varname:\"input\"} )", - escapeJavaScript(stringBuilder.toString()))); + escapeJavaScript(stringBuilder))); } private Map getParametersMap() diff --git a/xwiki-platform-core/xwiki-platform-oldcore/src/test/java/com/xpn/xwiki/objects/classes/StringClassTest.java b/xwiki-platform-core/xwiki-platform-oldcore/src/test/java/com/xpn/xwiki/objects/classes/StringClassTest.java index 7a564f4c214a..e3cf4987f6be 100644 --- a/xwiki-platform-core/xwiki-platform-oldcore/src/test/java/com/xpn/xwiki/objects/classes/StringClassTest.java +++ b/xwiki-platform-core/xwiki-platform-oldcore/src/test/java/com/xpn/xwiki/objects/classes/StringClassTest.java @@ -22,6 +22,7 @@ import org.junit.jupiter.api.Test; import org.mockito.Mock; import org.xwiki.model.reference.DocumentReference; +import org.xwiki.model.reference.LocalDocumentReference; import com.xpn.xwiki.XWikiContext; import com.xpn.xwiki.test.MockitoOldcore; @@ -53,8 +54,9 @@ void displayEdit() { XWikiContext xWikiContext = this.oldCore.getXWikiContext(); xWikiContext.setURLFactory(this.urlFactory); - when(this.oldCore.getSpyXWiki().getURL("Main.WebHome", "view", xWikiContext)).thenReturn("/a/b"); - + when(this.oldCore.getSpyXWiki() + .getURL(new LocalDocumentReference("Main", "WebHome"), "view", xWikiContext)).thenReturn("/a/b"); + String fieldName = "test"; String spaceName = "\" + alert(1) + \""; String pageName = "WebHome"; @@ -68,14 +70,14 @@ void displayEdit() StringBuffer stringBuffer = new StringBuffer(); stringClass.displayEdit(stringBuffer, fieldName, spaceName + "." + pageName + "_0_", baseClass, xWikiContext); - assertEquals("", stringBuffer.toString()); } }