correct XML sanitization of some characters in messages which made xml

invalid so nothing showed
velias · Aug 16, 2018 · 278ea22 · 278ea22
1 parent d13c104
commit 278ea22
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -20,6 +20,9 @@ Plugin .jar file is then placed in /target subfolder
 Changelog
 -------------
 
+1.5 - 2018-08-16
+- correct XML sanitization of some characters in messages which made xml invalid so nothing showed  
+
 1.4 - 2016-10-06
 - update to work in jira 7.x (not compatible with older jira versions anymore)
 - added progress indicator shown during data loading 

diff --git a/pom.xml b/pom.xml
@@ -6,7 +6,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.jboss.labs.jira.plugin</groupId>
 	<artifactId>livelogviewer</artifactId>
-	<version>1.4</version>
+	<version>1.5</version>
 
 	<name>Live Log Viewer</name>
 	<packaging>atlassian-plugin</packaging>

diff --git a/src/main/java/org/jboss/labs/jira/plugin/livelogviewer/LiveLogServlet.java b/src/main/java/org/jboss/labs/jira/plugin/livelogviewer/LiveLogServlet.java
@@ -75,6 +75,7 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws Se
     resp.setContentType("application/xml");
     resp.setHeader("Cache-Control", "no-cache, must-revalidate");
     resp.setHeader("Expires", "Mon, 28 May 2012 01:00:00 GMT");
+    resp.setCharacterEncoding("UTF-8");
     PrintWriter writer = resp.getWriter();
     writer.write("<?xml version='1.0' encoding='UTF-8'?>\n");
     writer.write("<events>");

diff --git a/src/main/java/org/jboss/labs/jira/plugin/livelogviewer/NoNSXMLLayout.java b/src/main/java/org/jboss/labs/jira/plugin/livelogviewer/NoNSXMLLayout.java
@@ -1,5 +1,7 @@
 package org.jboss.labs.jira.plugin.livelogviewer;
 
+import java.util.regex.Pattern;
+
 import org.apache.log4j.Layout;
 import org.apache.log4j.helpers.Transform;
 import org.apache.log4j.spi.LoggingEvent;
@@ -22,7 +24,7 @@ public String format(LoggingEvent event) {
     sb.append(" thread=\"").append(event.getThreadName()).append("\"");
     sb.append(">");
     sb.append("<message><![CDATA[");
-    Transform.appendEscapingCDATA(sb, event.getRenderedMessage());
+    Transform.appendEscapingCDATA(sb, sanitizeXmlChars(event.getRenderedMessage()));
     sb.append("]]>");
     sb.append("</message>");
     if (event.getThrowableInformation() != null) {
@@ -40,6 +42,18 @@ public String format(LoggingEvent event) {
     return sb.toString();
   }
 
+  public static String sanitizeXmlChars(String xml) {
+      if (xml == null || ("".equals(xml))) return "";
+      // ref : http://www.w3.org/TR/REC-xml/#charsets
+      // jdk 7
+      Pattern xmlInvalidChars =
+        Pattern.compile(
+           "[^\\u0009\\u000A\\u000D\\u0020-\\uD7FF\\uE000-\\uFFFD\\x{10000}-\\x{10FFFF}]"
+
+          );
+      return xmlInvalidChars.matcher(xml).replaceAll(".");
+    }
+
   @Override
   public boolean ignoresThrowable() {
     return false;