Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-10704

Clicking on listThreadCpuUtilization or listThreadDump under org.jboss.system.server.ServerInfo in the JMX Console produces unformatted results. Raw html is displayed

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Optional Optional
    • EAP_EWP 5.3.1.GA
    • EAP_EWP 5.2.0
    • JMX, Web
    • None
    • Hide

      click on invoke button on listThreadCpuUtilization or listThreadDump under org.jboss.system.server.ServerInfo in the JMX Console

      Show
      click on invoke button on listThreadCpuUtilization or listThreadDump under org.jboss.system.server.ServerInfo in the JMX Console
    • Workaround Exists
    • Hide

      WARNING: this workaround essentially re-opens the security issue which was present in EAP 5.1.2 and lower.
      It is NOT recommended to use this.

      1.Open in test editor displayOpResult.jsp in jmx-console.war.

      2.Edit / change below mentioned scriptlet

      <%!
      /**

      • Translate HTML tags and single and double quotes.
        */
        public String translateMetaCharacters(Object value)
        {
        if(value == null)
        return null;

      String s = String.valueOf(value);
      String sanitizedName = s.replace("<", "<");
      sanitizedName = sanitizedName.replace(">", ">");
      sanitizedName = sanitizedName.replace("\"", """);
      sanitizedName = sanitizedName.replace("\'", "'");
      return sanitizedName;
      }

      %>

      To

      <%!
      /**

      • Translate HTML tags and single and double quotes.
        */
        public String translateMetaCharacters(Object value)
        {
        if(value == null)
        return null;

      String s = String.valueOf(value);
      String sanitizedName = s.replace("\"", """);
      sanitizedName = sanitizedName.replace("\'", "'");

      return sanitizedName;
      }

      %>

      3.save the changes in displayOpResult.jsp and restart / bounce your jboss server instance.

      Show
      WARNING: this workaround essentially re-opens the security issue which was present in EAP 5.1.2 and lower. It is NOT recommended to use this. 1.Open in test editor displayOpResult.jsp in jmx-console.war. 2.Edit / change below mentioned scriptlet <%! /** Translate HTML tags and single and double quotes. */ public String translateMetaCharacters(Object value) { if(value == null) return null; String s = String.valueOf(value); String sanitizedName = s.replace("<", "<"); sanitizedName = sanitizedName.replace(">", ">"); sanitizedName = sanitizedName.replace("\"", """); sanitizedName = sanitizedName.replace("\'", "'"); return sanitizedName; } %> To <%! /** Translate HTML tags and single and double quotes. */ public String translateMetaCharacters(Object value) { if(value == null) return null; String s = String.valueOf(value); String sanitizedName = s.replace("\"", """); sanitizedName = sanitizedName.replace("\'", "'"); return sanitizedName; } %> 3.save the changes in displayOpResult.jsp and restart / bounce your jboss server instance.
    • Medium
    • NEW

      Clicking on listThreadCpuUtilization or listThreadDump under org.jboss.system.server.ServerInfo in the JMX Console produces unformatted results. Raw html is displayed

              tfonteyn Tom Fonteyne (Inactive)
              avijra_jira abhishek vijra (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: