Bug 1098394 - No url validation on project homepage field
No url validation on project homepage field
Status: CLOSED CURRENTRELEASE
Product: Zanata
Classification: Community
Component: Component-UI (Show other bugs)
development
Unspecified Unspecified
unspecified Severity low
: ---
: 3.5
Assigned To: Alex Eng
Zanata-QA Mailling List
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2014-05-16 00:19 EDT by Damian Jansen
Modified: 2015-01-26 18:28 EST (History)
2 users (show)

See Also:
Fixed In Version: 3.4.0-SNAPSHOT (git-server-3.3.2-351-g3bcc0ee)
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-01-26 18:28:00 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Damian Jansen 2014-05-16 00:19:49 EDT
Description of problem:
There is no validation on the homepage field, under project general settings. Text that is entered here, not in the form of a url, will either render as appended to the current url or a seam.framework.EntityNotFoundException

Version-Release number of selected component (if applicable):
dev

How reproducible:
Easy always

Steps to Reproduce:
1. go to a project maintained by $currentuser
2. go to settings, enter in blahblahblah as the Home Page. Press Update.
3. Click on the link at the top left

Actual results:
Zanata append the text to the current url, which is then altered back to /versions

Expected results:
Validation shouldn't allow this

Additional info:
If something like <a href="ftp://meowmowowwoof">Meowwoof</a> is entered, it results in an Exception
14:14:37,954 WARN  [org.jboss.seam.exception.Exceptions] (http-/127.0.0.1:8080-7) handled and logged exception: javax.el.ELException: org.jboss.seam.framework.EntityNotFoundException: entity not found: org.zanata.model.HProject#<a href="ftp:
	at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:339) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:348) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.parser.AstValue.invoke(AstValue.java:96) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.seam.core.Expressions$2.invoke(Expressions.java:222) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
	at org.jboss.seam.navigation.Page.preRender(Page.java:311) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
	at org.jboss.seam.navigation.Pages.preRender(Pages.java:351) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
	at org.jboss.seam.jsf.SeamPhaseListener.preRenderPage(SeamPhaseListener.java:565) [jboss-seam-2.3.1.Final.jar:2.3.1.Final]
...
Comment 1 Alex Eng 2014-05-16 00:58:03 EDT
Pull request:
https://github.com/zanata/zanata-server/pull/449


Add URL validation to the input field, new tab/windows when clicked on url
Comment 2 Ding-Yi Chen 2014-05-19 19:53:43 EDT
VERIFIED with:
Zanata 3.4.0-SNAPSHOT (git-server-3.3.2-351-g3bcc0ee)

Note You need to log in before you can comment on or make changes to this bug.