From ecb792050ac548099d5826c284b56137658df45f Mon Sep 17 00:00:00 2001 From: delvh Date: Sat, 26 Sep 2020 23:08:32 +0200 Subject: [PATCH 1/2] Sanitized issue proposals Fixes #53 --- .../client/ui/settings/BugReportPane.java | 6 +- .../java/envoy/client/util/IssueUtil.java | 90 ++++++++++++++----- 2 files changed, 71 insertions(+), 25 deletions(-) diff --git a/client/src/main/java/envoy/client/ui/settings/BugReportPane.java b/client/src/main/java/envoy/client/ui/settings/BugReportPane.java index 88b0397..5fab593 100644 --- a/client/src/main/java/envoy/client/ui/settings/BugReportPane.java +++ b/client/src/main/java/envoy/client/ui/settings/BugReportPane.java @@ -7,7 +7,6 @@ import javafx.scene.input.InputEvent; import envoy.client.event.SendEvent; import envoy.client.util.IssueUtil; import envoy.data.User; -import envoy.event.IssueProposal; import dev.kske.eventbus.EventBus; @@ -70,8 +69,9 @@ public final class BugReportPane extends OnlyIfOnlineSettingsPane { submitReportButton.setDisable(true); submitReportButton.setOnAction(e -> { EventBus.getInstance() - .dispatch(new SendEvent(new IssueProposal(titleTextField.getText(), - IssueUtil.sanitizeIssueDescription(errorDetailArea.getText(), showUsernameInBugReport.isSelected() ? user.getName() : null), + .dispatch(new SendEvent(IssueUtil.createIssueProposal(titleTextField.getText(), + errorDetailArea.getText(), + showUsernameInBugReport.isSelected() ? user.getName() : null, true))); }); getChildren().add(submitReportButton); diff --git a/client/src/main/java/envoy/client/util/IssueUtil.java b/client/src/main/java/envoy/client/util/IssueUtil.java index 6c6e165..08fd1f8 100644 --- a/client/src/main/java/envoy/client/util/IssueUtil.java +++ b/client/src/main/java/envoy/client/util/IssueUtil.java @@ -1,40 +1,86 @@ package envoy.client.util; +import java.util.regex.Pattern; + +import envoy.event.IssueProposal; + /** * Provides methods to handle outgoing issues. - *

- * Project: client
- * File: IssueUtil.java
- * Created: 20.08.2020
* * @author Leon Hofmeister + * @author Kai S. K. Engelbart * @since Envoy Client v0.2-beta */ public final class IssueUtil { - /** - * - * @since Envoy Client v0.2-beta - */ + private static final Pattern removeBackslashes = Pattern.compile("\\\\"); + private static final Pattern escapeQuotes = Pattern.compile("\""); + private IssueUtil() {} /** - * Performs actions to ensure the description of an issue will be displayed as - * intended by the user. + * Creates a new {@code IssueProposal} from the given data. * - * @param rawDescription the description to sanitize - * @param username the user who submitted the issue. Should be - * {@code null} if he does not want to be named. - * @return the sanitized description + * @param title the proposed title of the issue + * @param description the proposed description of the issue + * @param username the user who submitted the issue. Should be + * {@code null} if he does not want to be named. * @param + * isBug + * @param isBug whether this issue is a bug or a feature + * @return a sanitized IssueProposal that should not fail to be sent * @since Envoy Client v0.2-beta */ - public static String sanitizeIssueDescription(String rawDescription, String username) { - // Appending the submitter name, if this option was enabled - rawDescription += username != null - ? (rawDescription.endsWith("\n") || rawDescription.endsWith("
") ? "" : "
") + String.format("Submitted by user %s.", username) - : ""; - // Markdown does not support "normal" line breaks. It uses "
" - rawDescription = rawDescription.replaceAll(System.getProperty("line.separator", "\r?\n"), "
"); - return rawDescription; + public static IssueProposal createIssueProposal(String title, String description, String username, boolean isBug) { + title = sanitizeIssueTitle(title); + description = sanitizeIssueDescription(description, username); + return new IssueProposal(title, description, isBug); + + } + + /** + * Escapes quotes and removes backslashes for a suggested issue title. + * + * @param title the title to sanitize + * @return the sanitized title + * @since Envoy Client v0.2-beta + */ + private static String sanitizeIssueTitle(String title) { + + // Remove ALL backslashes as they are only error prone + title = removeBackslashes.matcher(title).replaceAll(""); + + // Escape quotes + title = escapeQuotes.matcher(title).replaceAll("\\\\\""); + return title; + } + + /** + * Normalizes line breaks,
+ * removes all backslashes,
+ * escapes quotes and
+ * appends the user name to the issue description if requested. + * + * @param description the description to sanitize + * @param username the user who submitted the issue. Should be + * {@code null} if he does not want to be named. + * @return the sanitized description + * @since Envoy Client v0.2-beta + * @apiNote the String returned might not be sanitized in case multiple + * backslashes are preceding a quote. + */ + public static String sanitizeIssueDescription(String description, String username) { + + // Trim and replace line breaks by
tags + description = description.trim().replaceAll(System.getProperty("line.separator"), "
"); + + // Append user name if requested + if (username != null) description += String.format("
Submitted by user %s.", username); + + // Remove ALL backslashes as they are only error prone + description = removeBackslashes.matcher(description).replaceAll(""); + + // Escape all quotes to avoid prematurely ending the string + description = escapeQuotes.matcher(description).replaceAll("\\\\\""); + return description; } } -- 2.30.2 From 2138d8d0643b0b9026f89cef1cdb5cfbc0e5aa0b Mon Sep 17 00:00:00 2001 From: kske Date: Sun, 27 Sep 2020 16:52:27 +0200 Subject: [PATCH 2/2] Fix quote and backslash escaping in IssueProposal --- .../client/ui/settings/BugReportPane.java | 11 ++- .../java/envoy/client/util/IssueUtil.java | 83 ------------------- .../main/java/envoy/event/IssueProposal.java | 39 ++++++++- 3 files changed, 42 insertions(+), 91 deletions(-) delete mode 100644 client/src/main/java/envoy/client/util/IssueUtil.java diff --git a/client/src/main/java/envoy/client/ui/settings/BugReportPane.java b/client/src/main/java/envoy/client/ui/settings/BugReportPane.java index 1404e16..0ac1d83 100644 --- a/client/src/main/java/envoy/client/ui/settings/BugReportPane.java +++ b/client/src/main/java/envoy/client/ui/settings/BugReportPane.java @@ -4,8 +4,7 @@ import javafx.event.EventHandler; import javafx.scene.control.*; import javafx.scene.input.InputEvent; -import envoy.client.data.Context; -import envoy.client.util.IssueUtil; +import envoy.event.IssueProposal; /** * This class offers the option for users to submit a bug report. Only the title @@ -58,10 +57,10 @@ public final class BugReportPane extends OnlineOnlySettingsPane { // Displaying the submitReportButton submitReportButton.setDisable(true); - submitReportButton.setOnAction(e -> client.send(IssueUtil.createIssueProposal(titleTextField.getText(), - errorDetailArea.getText(), - showUsernameInBugReport.isSelected() ? Context.getInstance().getLocalDB().getUser().getName() : null, - true))); + submitReportButton.setOnAction(e -> { + String title = titleTextField.getText(), description = errorDetailArea.getText(); + client.send(showUsernameInBugReport.isSelected() ? new IssueProposal(title, description, true) : new IssueProposal(title, description, client.getSender().getName(), true)); + }); getChildren().add(submitReportButton); } } diff --git a/client/src/main/java/envoy/client/util/IssueUtil.java b/client/src/main/java/envoy/client/util/IssueUtil.java deleted file mode 100644 index eb2c0ea..0000000 --- a/client/src/main/java/envoy/client/util/IssueUtil.java +++ /dev/null @@ -1,83 +0,0 @@ -package envoy.client.util; - -import java.util.regex.Pattern; - -import envoy.event.IssueProposal; - -/** - * Provides methods to handle outgoing issues. - * - * @author Leon Hofmeister - * @author Kai S. K. Engelbart - * @since Envoy Client v0.2-beta - */ -public final class IssueUtil { - - private static final Pattern removeBackslashes = Pattern.compile("\\\\"); - private static final Pattern escapeQuotes = Pattern.compile("\""); - - private IssueUtil() {} - - /** - * Creates a new {@code IssueProposal} from the given data. - * - * @param title the proposed title of the issue - * @param description the proposed description of the issue - * @param username the user who submitted the issue. Should be - * {@code null} if he does not want to be named. * @param - * isBug - * @param isBug whether this issue is a bug or a feature - * @return a sanitized IssueProposal that should not fail to be sent - * @since Envoy Client v0.2-beta - */ - public static IssueProposal createIssueProposal(String title, String description, String username, boolean isBug) { - title = sanitizeIssueTitle(title); - description = sanitizeIssueDescription(description, username); - return new IssueProposal(title, description, isBug); - } - - /** - * Escapes quotes and removes backslashes for a suggested issue title. - * - * @param title the title to sanitize - * @return the sanitized title - * @since Envoy Client v0.2-beta - */ - private static String sanitizeIssueTitle(String title) { - - // Remove ALL backslashes as they are only error prone - title = removeBackslashes.matcher(title).replaceAll(""); - - // Escape quotes - title = escapeQuotes.matcher(title).replaceAll("\\\\\""); - return title; - } - - /** - * Normalizes line breaks,
- * removes all backslashes,
- * escapes quotes and
- * appends the user name to the issue description if requested. - * - * @param description the description to sanitize - * @param username the user who submitted the issue. Should be - * {@code null} if he does not want to be named. - * @return the sanitized description - * @since Envoy Client v0.2-beta - */ - public static String sanitizeIssueDescription(String description, String username) { - - // Trim and replace line breaks by
tags - description = description.trim().replaceAll(System.getProperty("line.separator"), "
"); - - // Append user name if requested - if (username != null) description += String.format("
Submitted by user %s.", username); - - // Remove ALL backslashes as they are only error prone - description = removeBackslashes.matcher(description).replaceAll(""); - - // Escape all quotes to avoid prematurely ending the string - description = escapeQuotes.matcher(description).replaceAll("\\\\\""); - return description; - } -} diff --git a/common/src/main/java/envoy/event/IssueProposal.java b/common/src/main/java/envoy/event/IssueProposal.java index 63c54f1..b12b6fd 100644 --- a/common/src/main/java/envoy/event/IssueProposal.java +++ b/common/src/main/java/envoy/event/IssueProposal.java @@ -23,11 +23,46 @@ public final class IssueProposal extends Event { * @since Envoy Common v0.2-beta */ public IssueProposal(String title, String description, boolean isBug) { - super(title); - this.description = description; + super(escape(title)); + this.description = sanitizeDescription(description); bug = isBug; } + /** + * @param title the title of the reported bug + * @param description the description of this bug + * @param user the name of the user creating the issue + * @param isBug determines whether this {@code IssueProposal} is + * supposed to be a + * feature or a bug (true = bug, false = feature) + * @since Envoy Common v0.2-beta + */ + public IssueProposal(String title, String description, String user, boolean isBug) { + super(escape(title)); + this.description = sanitizeDescription(description) + String.format("
Submitted by user %s.", user); + bug = isBug; + } + + /** + * Escapes an issue description and normalizes its line breaks. + * + * @param description the description to normalize + * @return the normalized description + * @since Envoy Common v0.2-beta + */ + private static String sanitizeDescription(String description) { + return escape(description).replaceAll("\r?\n", "
"); + } + + /** + * Escapes quotes and backslashes from a string. + * + * @param raw the string to escape + * @return the escaped string + * @since Envoy Client v0.2-beta + */ + private static String escape(String raw) { return raw.replace("\\", "\\\\").replace("\"", "\\\""); } + /** * @return the description * @since Envoy Common v0.2-beta -- 2.30.2