[tor-commits] [onionoo/master] Don't escape ' in JSON strings.
karsten at torproject.org
karsten at torproject.org
Fri Jul 6 12:29:50 UTC 2012
commit e20dd5be4a86760a21aad62d8a7b3adc3d976a45
Author: Karsten Loesing <karsten.loesing at gmx.net>
Date: Fri Jul 6 11:27:46 2012 +0200
Don't escape ' in JSON strings.
Fixes #6309, found by lunar.
---
src/org/torproject/onionoo/DetailDataWriter.java | 26 +++++++++++----------
1 files changed, 14 insertions(+), 12 deletions(-)
diff --git a/src/org/torproject/onionoo/DetailDataWriter.java b/src/org/torproject/onionoo/DetailDataWriter.java
index 8602093..155c4eb 100644
--- a/src/org/torproject/onionoo/DetailDataWriter.java
+++ b/src/org/torproject/onionoo/DetailDataWriter.java
@@ -314,6 +314,10 @@ public class DetailDataWriter {
return result;
}
+ private static String escapeJSON(String s) {
+ return StringEscapeUtils.escapeJavaScript(s).replaceAll("\\\\'", "'");
+ }
+
private SortedMap<String, File> updateRelayDetailsFiles(
SortedMap<String, File> remainingDetailsFiles) {
SortedMap<String, File> result =
@@ -395,13 +399,11 @@ public class DetailDataWriter {
sb.append("\n]");
if (descriptor.getContact() != null) {
sb.append(",\n\"contact\":\""
- + StringEscapeUtils.escapeJavaScript(
- descriptor.getContact()) + "\"");
+ + escapeJSON(descriptor.getContact()) + "\"");
}
if (descriptor.getPlatform() != null) {
sb.append(",\n\"platform\":\""
- + StringEscapeUtils.escapeJavaScript(
- descriptor.getPlatform()) + "\"");
+ + escapeJSON(descriptor.getPlatform()) + "\"");
}
if (descriptor.getFamilyEntries() != null) {
sb.append(",\n\"family\":[");
@@ -473,23 +475,23 @@ public class DetailDataWriter {
}
if (countryName != null) {
sb.append(",\n\"country_name\":\""
- + StringEscapeUtils.escapeJavaScript(countryName) + "\"");
+ + escapeJSON(countryName) + "\"");
}
if (regionName != null) {
sb.append(",\n\"region_name\":\""
- + StringEscapeUtils.escapeJavaScript(regionName) + "\"");
+ + escapeJSON(regionName) + "\"");
}
if (cityName != null) {
sb.append(",\n\"city_name\":\""
- + StringEscapeUtils.escapeJavaScript(cityName) + "\"");
+ + escapeJSON(cityName) + "\"");
}
if (aSNumber != null) {
sb.append(",\n\"as_number\":\""
- + StringEscapeUtils.escapeJavaScript(aSNumber) + "\"");
+ + escapeJSON(aSNumber) + "\"");
}
if (aSName != null) {
sb.append(",\n\"as_name\":\""
- + StringEscapeUtils.escapeJavaScript(aSName) + "\"");
+ + escapeJSON(aSName) + "\"");
}
if (consensusWeight >= 0L) {
sb.append(",\n\"consensus_weight\":"
@@ -497,7 +499,7 @@ public class DetailDataWriter {
}
if (hostName != null) {
sb.append(",\n\"host_name\":\""
- + StringEscapeUtils.escapeJavaScript(hostName) + "\"");
+ + escapeJSON(hostName) + "\"");
}
/* Add exit addresses if at least one of them is distinct from the
@@ -625,8 +627,8 @@ public class DetailDataWriter {
sb.append("\"desc_published\":\"" + publishedDateTime + "\",\n"
+ "\"last_restarted\":\"" + lastRestartedString + "\",\n"
+ "\"advertised_bandwidth\":" + advertisedBandwidth + ",\n"
- + "\"platform\":\"" + StringEscapeUtils.escapeJavaScript(
- descriptor.getPlatform()) + "\"");
+ + "\"platform\":\"" + escapeJSON(descriptor.getPlatform())
+ + "\"");
descriptorParts = sb.toString();
}
More information about the tor-commits
mailing list