Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-17878

HTML test output in tapResults not escaped

XMLWordPrintable

      On tapResults page, if the output of a given test contains HTML, it renders it out onto the tapResults report wholesale and unescaped.

      If the HTML is partial, it can lead to some output being outside of a result table or missing on render entirely.

      To illustrate what I mean, I've included some offending TAP file content and some screenshots of the results(masking applied by me to protect some data).

      #     <div id="PageWrapper">
# 
#       <div id="Header">
#         <div class="Liner">
# </div><!-- end Liner -->
#       </div><!-- end Header -->
#       <div id="ContentWrapper">
#         <div id="ContentColumn">
#           <div class="Liner">
# 
# 
# </div><!-- end Liner -->
#         </div><!-- end ContentColumn -->
#       </div><!-- end ContentWrapper -->
# 
#       <div id="NavColumn">
#         <div class="Liner">
# </div><!-- end Liner -->
#       </div><!-- end NavColumn -->
#

        1. Screen Shot 2013-05-06 at 4.30.53 PM.png
          Screen Shot 2013-05-06 at 4.30.53 PM.png
          42 kB
        2. Screen Shot 2013-05-06 at 5.01.36 PM.png
          Screen Shot 2013-05-06 at 5.01.36 PM.png
          51 kB

          [JENKINS-17878] HTML test output in tapResults not escaped

          Real ONeil created issue -
          Real ONeil made changes -
          Description Original: On tapResults page, if the output of a given test contains HTML, it renders it out onto the tapResults report wholesale and unescaped.

          If the HTML is partial, it can lead to some output being outside of a result table or missing on render entirely.

          To illustrate what I mean, I've included some offending TAP file content and some screenshots of the results(masking applied by me to protect some data).

          {code}
          # <div id="PageWrapper">
          #
          # <div id="Header">
          # <div class="Liner">
          # </div><!-- end Liner -->
          # </div><!-- end Header -->
          # <div id="ContentWrapper">
          # <div id="ContentColumn">
          # <div class="Liner">
          #
          #
          # </div><!-- end Liner -->
          # </div><!-- end ContentColumn -->
          # </div><!-- end ContentWrapper -->
          #
          # <div id="NavColumn">
          # <div class="Liner">
          # </div><!-- end Liner -->
          # </div><!-- end NavColumn -->
          #
          {/code}
          		 New: On tapResults page, if the output of a given test contains HTML, it renders it out onto the tapResults report wholesale and unescaped.

          If the HTML is partial, it can lead to some output being outside of a result table or missing on render entirely.

          To illustrate what I mean, I've included some offending TAP file content and some screenshots of the results(masking applied by me to protect some data).

          {code}
          # <div id="PageWrapper">
          #
          # <div id="Header">
          # <div class="Liner">
          # </div><!-- end Liner -->
          # </div><!-- end Header -->
          # <div id="ContentWrapper">
          # <div id="ContentColumn">
          # <div class="Liner">
          #
          #
          # </div><!-- end Liner -->
          # </div><!-- end ContentColumn -->
          # </div><!-- end ContentWrapper -->
          #
          # <div id="NavColumn">
          # <div class="Liner">
          # </div><!-- end Liner -->
          # </div><!-- end NavColumn -->
          #
          {code}

          Bruno P. Kinoshita added a comment -

          Thanks for reporting and including the HTML snippet and screenshots Real. I'll take a look on it as soon as I find time to work on tap-plugin again.

          Bruno P. Kinoshita added a comment - Thanks for reporting and including the HTML snippet and screenshots Real. I'll take a look on it as soon as I find time to work on tap-plugin again.
          Bruno P. Kinoshita made changes -
          Status Original: Open [ 1 ] New: In Progress [ 3 ]
          Bruno P. Kinoshita made changes -
          Status Original: In Progress [ 3 ] New: Open [ 1 ]

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Bruno P. Kinoshita
          Path:
          src/main/java/org/tap4j/plugin/TapParser.java
          src/main/java/org/tap4j/plugin/TapResult.java
          src/main/resources/org/tap4j/plugin/tags/line.jelly
          http://jenkins-ci.org/commit/tap-plugin/279e1204335f2092f6beeababf174068223b6047
          Log:
          JENKINS-17878 Escape HTML in test results comments

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Bruno P. Kinoshita Path: src/main/java/org/tap4j/plugin/TapParser.java src/main/java/org/tap4j/plugin/TapResult.java src/main/resources/org/tap4j/plugin/tags/line.jelly http://jenkins-ci.org/commit/tap-plugin/279e1204335f2092f6beeababf174068223b6047 Log: JENKINS-17878 Escape HTML in test results comments

          Bruno P. Kinoshita added a comment -

          To be released tonight, probably tomorrow by noon it will be available in 1.12 via update site. Thanks!

          Bruno P. Kinoshita added a comment - To be released tonight, probably tomorrow by noon it will be available in 1.12 via update site. Thanks!
          Bruno P. Kinoshita made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]

          Bruno P. Kinoshita added a comment -

          Fixed in 1.12

          Bruno P. Kinoshita added a comment - Fixed in 1.12
          Bruno P. Kinoshita made changes -
          Status Original: Resolved [ 5 ] New: Closed [ 6 ]

            kinow Bruno P. Kinoshita
            real Real ONeil
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: