Google Git
Sign in
apache / ofbiz / 4d68f770d95773604d692e919ec5dfa258ccdcbb^! / .
commit4d68f770d95773604d692e919ec5dfa258ccdcbb[log] [tgz]
authorJacques Le Roux <jleroux@apache.org>Sat Jan 21 07:02:19 2017 +0000
committerJacques Le Roux <jleroux@apache.org>Sat Jan 21 07:02:19 2017 +0000
treeda6422de10839d7c20273271f2642af34ae13316
parent3784e27bed97cf20b6ef0f3fe8590fe9a269ed1f [diff]
Implemented: Birt Report Builder: an enhancement of the Birt component. 
Easier user possibility of report creation.
(OFBIZ-6919)

Fixes a small issue: the REPORT contentId is now named FLEXIBLE_REPORT

Note: the BIRT_REPORT_BUILDER_USAGE_POLICY still need to be completed. Hence 
it's for now bypassed in ContentWorker.renderContentAsText(), based on the 
FLEXIBLE_REPORT contentId

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1779701 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentWorker.java b/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentWorker.java
index f891e01..8db3206 100644
--- a/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentWorker.java
+++ b/applications/content/src/main/java/org/apache/ofbiz/content/content/ContentWorker.java

@@ -340,7 +340,7 @@
         String rendered = writer.toString();
         // According to https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet#XSS_Prevention_Rules_Summary
         // Normally head is protected by X-XSS-Protection Response Header by default
-        if (!"REPORT".equals(contentTypeId)) { // FIXME here BIRT_REPORT_BUILDER_USAGE_POLICY should be used but I could not tweak it yet: the content of <script> are removed and should not. Also a more annoying no yet spotted issue with contentId dissapearing
+        if (!"FLEXIBLE_REPORT".equals(contentTypeId)) { // FIXME here BIRT_REPORT_BUILDER_USAGE_POLICY should be used but I could not tweak it yet: the content of <script> are removed and should not. Also a more annoying no yet spotted issue with contentId dissapearing
             if (rendered.contains("<script>")
                     || rendered.contains("<!--")
                     || rendered.contains("<div")

diff --git a/framework/base/src/main/java/org/apache/ofbiz/base/util/UtilCodec.java b/framework/base/src/main/java/org/apache/ofbiz/base/util/UtilCodec.java
index 5a63bf7..659675f 100644
--- a/framework/base/src/main/java/org/apache/ofbiz/base/util/UtilCodec.java
+++ b/framework/base/src/main/java/org/apache/ofbiz/base/util/UtilCodec.java

@@ -129,7 +129,7 @@
                 .allowAttributes("class").onElements("td")
                 .allowAttributes("method").onElements("form")
                 .toFactory();
-        // This is the PolicyFactory used for the Birt Report Builder usage feature.  ("REPORT" contentTypeId)
+        // This is the PolicyFactory used for the Birt Report Builder usage feature.  ("FLEXIBLE_REPORT" contentTypeId)
         // It allows to use the OOTB Birt Report Builder example.
         // You might need to enhance it for your needs but normally you should not
         // In any case be sure to check https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet before changing things here...