RHPAM-4719: Replace single qoute with nothing

kiegroup · Jun 27, 2023 · fb0c235 · fb0c235
1 parent b8eaab5
commit fb0c235
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 3 deletions.
diff --git a/...ire-rest/uberfire-rest-backend/src/main/java/org/guvnor/rest/backend/ProjectResource.java b/...ire-rest/uberfire-rest-backend/src/main/java/org/guvnor/rest/backend/ProjectResource.java
@@ -374,7 +374,7 @@ public Response addBranch(@PathParam("spaceName") String spaceName,
         jobRequest.setJobId(id);
         jobRequest.setSpaceName(spaceName);
         jobRequest.setProjectName(projectName);
-        jobRequest.setNewBranchName(StringEscapeUtils.escapeHtml4(addBranchRequest.getNewBranchName()));
+        jobRequest.setNewBranchName(escapeHtmlInput(addBranchRequest.getNewBranchName()));
         jobRequest.setBaseBranchName(addBranchRequest.getBaseBranchName());
         jobRequest.setUserIdentifier(sessionInfo.getIdentity().getIdentifier());
         addAcceptedJobResult(id);
@@ -455,6 +455,12 @@ private ProjectResponse getProjectResponse(WorkspaceProject workspaceProject) {
         return projectResponse;
     }
 
+    private String escapeHtmlInput(String input) {
+        String escapedInput = StringEscapeUtils.escapeHtml4(input);
+        escapedInput = escapedInput.replace("'", "");
+        return escapedInput;
+    }
+
     @POST
     @Produces(MediaType.APPLICATION_JSON)
     @Path("/spaces/{spaceName}/projects/{projectName}/maven/compile")
@@ -685,7 +691,7 @@ public Response createSpace(Space space) {
         jobRequest.setJobId(id);
         jobRequest.setSpaceName(space.getName());
         jobRequest.setDescription(space.getDescription());
-        jobRequest.setOwner(StringEscapeUtils.escapeHtml4(space.getOwner()));
+        jobRequest.setOwner(escapeHtmlInput(space.getOwner()));
         jobRequest.setDefaultGroupId(space.getDefaultGroupId());
         addAcceptedJobResult(id);
 
@@ -710,7 +716,7 @@ public Response updateSpace(Space space) {
         jobRequest.setJobId(id);
         jobRequest.setSpaceName(space.getName());
         jobRequest.setDescription(space.getDescription());
-        jobRequest.setOwner(StringEscapeUtils.escapeHtml4(space.getOwner()));
+        jobRequest.setOwner(escapeHtmlInput(space.getOwner()));
         jobRequest.setDefaultGroupId(space.getDefaultGroupId());
         addAcceptedJobResult(id);
 

diff --git a/...n/java/org/guvnor/structure/backend/organizationalunit/OrganizationalUnitServiceImpl.java b/...n/java/org/guvnor/structure/backend/organizationalunit/OrganizationalUnitServiceImpl.java
@@ -625,6 +625,7 @@ private Collection<Contributor> escapeContributorsNames(Collection<Contributor>
         Collection<Contributor> escapedContributors = new ArrayList<>();
         contributors.forEach((contributor -> {
             String escapedName = StringEscapeUtils.escapeHtml4(contributor.getUsername());
+            escapedName = escapedName.replace("'", "");
             escapedContributors.add(new Contributor(escapedName, contributor.getType()));
         }));
         return escapedContributors;