[opsview-base] [476] Merge 474:475 from BRAN-4.4

6 views
Skip to first unread message

s...@opsview.com

unread,
Jun 10, 2015, 12:40:20 PM6/10/15
to opsview-...@googlegroups.com
Revision
476
Author
tvoon
Date
2015-06-10 17:40:19 +0100 (Wed, 10 Jun 2015)

Log Message

Merge 474:475 from BRAN-4.4

Modified Paths

Added Paths

Property Changed


Property changes on: trunk
___________________________________________________________________
Modified: svn:mergeinfo
   - /branches/BRAN-4.2:152
/branches/BRAN-4.3:54-62,237
/branches/BRAN-4.4:361-362,419
/branches/DEV-Nagios_4:63-125
/branches/DEV-Nagios_4-will_need_to_merge:77-148
/branches/DEV-nsca-update:314-335
/branches/DEV-raspi:350
/branches/US539:243-246
/branches/nagvis-iframe:33
   + /branches/BRAN-4.2:152
/branches/BRAN-4.3:54-62,237
/branches/BRAN-4.4:361-362,419,474-475
/branches/DEV-Nagios_4:63-125
/branches/DEV-Nagios_4-will_need_to_merge:77-148
/branches/DEV-nsca-update:314-335
/branches/DEV-raspi:350
/branches/US539:243-246
/branches/nagvis-iframe:33

Modified: trunk/Makefile
===================================================================
--- trunk/Makefile	2015-06-10 16:26:58 UTC (rev 475)
+++ trunk/Makefile	2015-06-10 16:40:19 UTC (rev 476)
@@ -452,6 +452,7 @@
 	unzip -q ${TIMELINE}.zip -d ${TIMELINE}
 	cd ${TIMELINE} && patch -p1 < ../patches/timeline_IE_offsetwidth_bug_fix.patch
 	cd ${TIMELINE} && patch -p1 < ../patches/timeline_turn_off_history.patch
+	cd ${TIMELINE} && patch -p1 < ../patches/timeline_passthru_html_description.patch
 
 ${TANGOICONS}:
 	gunzip -c ${TANGOICONS}.tar.gz | tar -xf -
@@ -640,6 +641,7 @@
 	cd ${NAGIOS} && patch -p1 < ../patches/nagios_defunct_reload_workers.patch
 	cd ${NAGIOS} && patch -p1 < ../patches/nagios_downtimes_block_host_service_recoveries.patch
 	cd ${NAGIOS} && patch -p1 < ../patches/nagios_external_command_start.patch
+	cd ${NAGIOS} && patch -p1 < ../patches/nagios_cgi_html_encode.patch
 	if [ $(KERNEL_NAME) = Linux ] ; then \
 		cd ${NAGIOS} && CFLAGS="${CFLAGS}" ./configure --with-nagios-user=$(NAGIOS_USER) --with-nagios-group=$(NAGIOS_GROUP) --with-command-group=$(NAGIOS_GROUP) --with-cgiurl=/cgi-bin --with-htmurl=/ --enable-libtap ; \
 	elif [ $(KERNEL_NAME) = Darwin ] ; then \

Copied: trunk/patches/nagios_cgi_html_encode.patch (from rev 475, branches/BRAN-4.4/patches/nagios_cgi_html_encode.patch)
===================================================================
--- trunk/patches/nagios_cgi_html_encode.patch	                        (rev 0)
+++ trunk/patches/nagios_cgi_html_encode.patch	2015-06-10 16:40:19 UTC (rev 476)
@@ -0,0 +1,62 @@
+diff -ur '--exclude=.*.sw?' nagios-4.0.20130912.orig/cgi/extinfo.c nagios-4.0.20130912.xss/cgi/extinfo.c
+--- nagios-4.0.20130912.orig/cgi/extinfo.c	2015-06-09 14:50:13.098093080 +0100
++++ nagios-4.0.20130912.xss/cgi/extinfo.c	2015-06-09 15:59:40.297184687 +0100
+@@ -270,7 +270,7 @@
+ 
+ 			if(display_type == DISPLAY_HOST_INFO) {
+ 
+-				printf("<tr><td align=right class='infoBoxTitle'>Host:</td><td>%s (%s)</td></tr>", temp_host->alias, temp_host->name);
++				printf("<tr><td align=right class='infoBoxTitle'>Host:</td><td>%s (%s)</td></tr>", html_encode(temp_host->alias, FALSE), temp_host->name);
+ 
+ 				if (temp_host->parent_hosts != NULL) {
+ 					printf("<tr><td align=right class='infoBoxTitle'>Parents:</td><td>");
+@@ -307,7 +307,7 @@
+ 
+ 				printf(
+ 					"<tr><td align=right class='infoBoxTitle'>On host:</td></td><td>%s (<a href='%s?type=%d&host=%s'>%s</a>)</td></tr>",
+-					temp_host->alias, EXTINFO_CGI, DISPLAY_HOST_INFO,
++					html_encode(temp_host->alias, FALSE), EXTINFO_CGI, DISPLAY_HOST_INFO,
+ 					url_encode(temp_host->name), temp_host->name
+ 				);
+ 
+@@ -330,7 +330,7 @@
+ 				}
+ 			if(display_type == DISPLAY_HOSTGROUP_INFO) {
+ 				printf("<DIV CLASS='data'>Hostgroup</DIV>\n");
+-				printf("<DIV CLASS='dataTitle'>%s</DIV>\n", temp_hostgroup->alias);
++				printf("<DIV CLASS='dataTitle'>%s</DIV>\n", html_encode(temp_hostgroup->alias, FALSE));
+ 				printf("<DIV CLASS='dataTitle'>(%s)</DIV>\n", temp_hostgroup->group_name);
+ 				if(temp_hostgroup->notes != NULL) {
+ 					process_macros_r(mac, temp_hostgroup->notes, &processed_string, 0);
+@@ -340,11 +340,11 @@
+ 				}
+ 			if(display_type == DISPLAY_SERVICEGROUP_INFO) {
+ 				printf("<DIV CLASS='data'>Servicegroup</DIV>\n");
+-				printf("<DIV CLASS='dataTitle'>%s</DIV>\n", temp_servicegroup->alias);
++				printf("<DIV CLASS='dataTitle'>%s</DIV>\n", html_encode(temp_servicegroup->alias, FALSE));
+ 				printf("<DIV CLASS='dataTitle'>(%s)</DIV>\n", temp_servicegroup->group_name);
+ 				if(temp_servicegroup->notes != NULL) {
+ 					process_macros_r(mac, temp_servicegroup->notes, &processed_string, 0);
+-					printf("<p>%s</p>", processed_string);
++					printf("<p>%s</p>",html_encode(processed_string, FALSE));
+ 					free(processed_string);
+ 					}
+ 				}
+@@ -366,7 +366,7 @@
+ 				printf("</td></tr>");
+ 				if(temp_service->notes != NULL) {
+ 					process_macros_r(mac, temp_service->notes, &processed_string, 0);
+-					printf("<tr><td colspan='2'>%s</td></tr>", processed_string);
++					printf("<tr><td colspan='2'>%s</td></tr>", html_encode(processed_string, FALSE));
+ 					free(processed_string);
+ 					}
+ 				}
+@@ -383,7 +383,7 @@
+ 				printf("</td></tr>");
+ 				if(temp_host->notes != NULL) {
+ 					process_macros_r(mac, temp_host->notes, &processed_string, 0);
+-					printf("<tr><td colspan='2'>%s</td></tr>", processed_string);
++					printf("<tr><td colspan='2'>%s</td></tr>", html_encode(processed_string, FALSE));
+ 					free(processed_string);
+ 					}
+ 				}

Copied: trunk/patches/timeline_passthru_html_description.patch (from rev 474, branches/BRAN-4.4/patches/timeline_passthru_html_description.patch)
===================================================================
--- trunk/patches/timeline_passthru_html_description.patch	                        (rev 0)
+++ trunk/patches/timeline_passthru_html_description.patch	2015-06-10 16:40:19 UTC (rev 476)
@@ -0,0 +1,16 @@
+diff -ur timeline-libraries-2.3.0.original/timeline_2.3.0/timeline_js/timeline-bundle.js timeline-libraries-2.3.0/timeline_2.3.0/timeline_js/timeline-bundle.js
+--- timeline-libraries-2.3.0.original/timeline_2.3.0/timeline_js/timeline-bundle.js	2015-06-09 20:37:46.519142213 +0000
++++ timeline-libraries-2.3.0/timeline_2.3.0/timeline_js/timeline-bundle.js	2015-06-09 20:39:51.101576166 +0000
+@@ -2419,7 +2419,11 @@
+ }this._eventID=D("eventID");
+ this._text=(A.text!=null)?SimileAjax.HTML.deEntify(A.text):"";
+ if(B.length>0){this._text+=" PROBLEM: "+B.join(", ");
+-}this._description=SimileAjax.HTML.deEntify(A.description);
++}
++// We do not deEntify as this will remove correct HTML encoding and change it back to HTML again
++// Just let incoming data be put straight into innerHTML later
++//this._description=SimileAjax.HTML.deEntify(A.description);
++this._description=A.description;
+ this._image=D("image");
+ this._link=D("link");
+ this._title=D("hoverText");
Reply all
Reply to author
Forward
0 new messages