Commits

Oswaldo Hernandez committed 51ea720

Initial commit

Comments (0)

Files changed (5)

+<?xml version="1.0" encoding="UTF-8"?>
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>com.atlassian.jira.plugins</groupId>
+    <artifactId>velocity-html-escaping-example</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <organization>
+        <name>Example Company</name>
+        <url>http://www.example.com/</url>
+    </organization>
+
+    <name>velocity-html-escaping-example</name>
+    <description>This is the com.atlassian.jira.plugins:velocity-html-escaping-example plugin for Atlassian JIRA.</description>
+    <packaging>atlassian-plugin</packaging>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.atlassian.jira</groupId>
+            <artifactId>jira-api</artifactId>
+            <version>${jira.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <!-- Add dependency on jira-core if you want access to JIRA implementation classes as well as the sanctioned API. -->
+        <!-- This is not normally recommended, but may be required eg when migrating a plugin originally developed against JIRA 4.x -->
+        <!--
+        <dependency>
+            <groupId>com.atlassian.jira</groupId>
+            <artifactId>jira-core</artifactId>
+            <version>${jira.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        -->
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.8.1</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.atlassian.jira</groupId>
+            <artifactId>jira-tests</artifactId>
+            <version>${jira.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.atlassian.jira</groupId>
+            <artifactId>jira-func-tests</artifactId>
+            <version>${jira.version}</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.atlassian.velocity.htmlsafe</groupId>
+            <artifactId>velocity-htmlsafe</artifactId>
+            <version>1.1.1</version>
+            <scope>provided</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>com.atlassian.maven.plugins</groupId>
+                <artifactId>maven-jira-plugin</artifactId>
+                <version>${amps.version}</version>
+                <extensions>true</extensions>
+                <configuration>
+                    <products>
+                        <product>
+                            <id>jira</id>
+                            <version>${jira.version}</version>
+                        </product>
+                    </products>
+                </configuration>
+            </plugin>
+            <plugin>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>1.6</source>
+                    <target>1.6</target>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    <properties>
+        <jira.version>5.1</jira.version>
+        <amps.version>3.11</amps.version>
+    </properties>
+
+</project>

src/main/java/com/atlassian/jira/plugins/velocity/html/BasicTemplateEscaping.java

+package com.atlassian.jira.plugins.velocity.html;
+
+import com.atlassian.jira.web.action.JiraWebActionSupport;
+import com.atlassian.velocity.htmlsafe.HtmlSafe;
+
+/**
+ * Action demonstrating the usage of automatic html escaping from velocity templates.
+ */
+public class BasicTemplateEscaping extends JiraWebActionSupport
+{
+
+    public BasicTemplateEscaping()
+    {
+    }
+
+    @Override
+    protected String doExecute() throws Exception
+    {
+        return "success";
+    }
+
+    public String getContent()
+    {
+        return "<script>alert('html escaped by default')</script>";
+    }
+
+    public String getFragmentHtml()
+    {
+        return "<span style='color:blue'>" +
+                    "This method call should not be escaped, therefore rendering in blue colour" +
+                "</span>";
+    }
+
+    @HtmlSafe
+    public String getFragment()
+    {
+        return "<span style='color:grey'>" +
+                "This method call should not be escaped, therefore rendering in grey colour" +
+                "</span>";
+    }
+}

src/main/resources/atlassian-plugin.xml

+<atlassian-plugin key="${project.groupId}.${project.artifactId}" name="${project.name}" plugins-version="2">
+    <plugin-info>
+        <description>${project.description}</description>
+        <version>${project.version}</version>
+        <vendor name="${project.organization.name}" url="${project.organization.url}" />
+    </plugin-info>
+
+        <webwork1 key="reference-actions" name="Reference WebWork Action" class="java.lang.Object">
+        <actions>
+            <action name="com.atlassian.jira.plugins.velocity.html.BasicTemplateEscaping" alias="BasicTemplateEscaping">
+                <view name="success">templates/basic-template.vm</view>
+            </action>
+        </actions>
+    </webwork1>
+</atlassian-plugin>

src/main/resources/templates/basic-template.vm

+#* @vtlvariable name="action" type="com.atlassian.jira.plugins.velocity.html.BasicTemplateEscaping" *#
+
+#enable_html_escaping()
+<html>
+<head>
+    <title>Automatic Html Escaping Examples</title>
+</head>
+<body>
+    <h1>Automatic Html Escaping Examples</h1>
+    <p>
+        This page demonstrates how automatic escaping is applied to the evaluation of method calls and references given
+        that the <code>#enable_html_escaping</code> directive has been specified in the template file.
+    </p>
+
+    <div>
+        <span>Inline Call:</span>
+        <span>
+           $action.getContent()
+        </span>
+    </div>
+
+    <div>
+        <span>Macro Content:</span>
+        #test()
+    </div>
+        #macro( test )
+        <span>
+            $action.getContent()
+        </span>
+        #end
+
+    <div>
+        <span>Parsed Content:</span>
+        #parse("/templates/includes/basic-fragment.vm")
+    </div>
+
+    #set($contentAsHtml = "<span style='color:red;'>This should not be escaped, therefore rendering in red colour.</span>")
+    <div>
+        <span>Disabling Escaping - References:</span>
+        $contentAsHtml
+    </div>
+
+    <div>
+        <span>Disabling Escaping - Methods Via Naming:</span>
+        $action.getFragmentHtml()
+    </div>
+
+    <div>
+        <span>Disabling Escaping - Methods Via Annotation:</span>
+        $action.getFragment()
+    </div>
+</body>
+</html>

src/main/resources/templates/includes/basic-fragment.vm

+<span id="fragment-for-inclusion">
+    $action.getContent()
+</span>