Bug 1098394

Summary: No url validation on project homepage field
Product: [Retired] Zanata Reporter: Damian Jansen <djansen>
Component: Component-UIAssignee: Alex Eng <aeng>
Status: CLOSED CURRENTRELEASE QA Contact: Zanata-QA Mailling List <zanata-qa>
Severity: low Docs Contact:
Priority: unspecified    
Version: developmentCC: dchen, zanata-bugs
Target Milestone: ---   
Target Release: 3.5   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 3.4.0-SNAPSHOT (git-server-3.3.2-351-g3bcc0ee) Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-01-26 23:28:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Damian Jansen 2014-05-16 04:19:49 UTC 
Description of problem:
There is no validation on the homepage field, under project general settings. Text that is entered here, not in the form of a url, will either render as appended to the current url or a seam.framework.EntityNotFoundException

Version-Release number of selected component (if applicable):
dev

How reproducible:
Easy always

Steps to Reproduce:
1. go to a project maintained by $currentuser
2. go to settings, enter in blahblahblah as the Home Page. Press Update.
3. Click on the link at the top left

Actual results:
Zanata append the text to the current url, which is then altered back to /versions

Expected results:
Validation shouldn't allow this

Additional info:
If something like <a href="ftp://meowmowowwoof">Meowwoof</a> is entered, it results in an Exception
14:14:37,954 WARN  [org.jboss.seam.exception.Exceptions] (http-/127.0.0.1:8080-7) handled and logged exception: javax.el.ELException: org.jboss.seam.framework.EntityNotFoundException: entity not found: org.zanata.model.HProject#<a href="ftp:
	at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:339) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:348) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.parser.AstValue.invoke(AstValue.java:96) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.seam.core.Expressions$2.invoke(Expressions.java:222) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
	at org.jboss.seam.navigation.Page.preRender(Page.java:311) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
	at org.jboss.seam.navigation.Pages.preRender(Pages.java:351) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
	at org.jboss.seam.jsf.SeamPhaseListener.preRenderPage(SeamPhaseListener.java:565) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
...
Comment 1 Alex Eng 2014-05-16 04:58:03 UTC 
Pull request:
https://github.com/zanata/zanata-server/pull/449


Add URL validation to the input field, new tab/windows when clicked on url
Comment 2 Ding-Yi Chen 2014-05-19 23:53:43 UTC 
VERIFIED with:
Zanata 3.4.0-SNAPSHOT (git-server-3.3.2-351-g3bcc0ee)