Skip to content

Commit

Permalink
Remove usages of Prototype from Fortify (#64)
Browse files Browse the repository at this point in the history
  • Loading branch information
@akaryakina
akaryakina committed Nov 1, 2023
1 parent 4c85ab9 commit 0f4d8e6
Show file tree
Hide file tree
Showing 4 changed files with 190 additions and 169 deletions.
17 changes: 5 additions & 12 deletions src/main/java/com/fortify/plugin/jenkins/FortifyPlugin.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*******************************************************************************
* (c) Copyright 2020 Micro Focus or one of its affiliates.
* Copyright 2020-2023 Open Text.
*
* Licensed under the MIT License (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -862,12 +862,9 @@ private void performLocalTranslation(AbstractBuild<?, ?> build, Launcher launche
public static <T> T runWithFortifyClient(String token, FortifyClient.Command<T> cmd) throws Exception {
if (cmd != null) {
String url = DESCRIPTOR.getUrl();
ClassLoader contextClassLoader = null;
try {
FortifyClient client = null;
synchronized (syncObj) {
contextClassLoader = Thread.currentThread().getContextClassLoader();
Thread.currentThread().setContextClassLoader(FortifyPlugin.class.getClassLoader());
client = new FortifyClient();
ProxyConfig proxyConfig = DESCRIPTOR.getProxyConfig();
client.init(url, token, proxyConfig, DESCRIPTOR.getConnectTimeout(), DESCRIPTOR.getReadTimeout(), DESCRIPTOR.getWriteTimeout());
Expand All @@ -892,10 +889,6 @@ public static <T> T runWithFortifyClient(String token, FortifyClient.Command<T>

}
throw new ApiException(message, e, e.getCode(), e.getResponseHeaders());
} finally {
if (contextClassLoader != null) {
Thread.currentThread().setContextClassLoader(contextClassLoader);
}
}
}
return null;
Expand Down Expand Up @@ -1613,7 +1606,7 @@ public void doRefreshProjects(StaplerRequest req, StaplerResponse rsp, @QueryPar
}
buf.insert(0, "{ \"list\" : [\n");
buf.append("]}");
rsp.setContentType("application/json;charset=utf-8");
rsp.setContentType("application/json;charset=UTF-8");
// we are using DOMPurify to sanitize the input on the javascript side to prevent XSS, see refresh-projects.js
rsp.getWriter().print(buf.toString());
} catch (Exception e) {
Expand All @@ -1640,7 +1633,7 @@ public void doRefreshVersions(StaplerRequest req, StaplerResponse rsp, @QueryPar
buf.append(appVersionToJson(selectedApp, appVersions));
buf.insert(0, "{ \"list\" : [\n");
buf.append("]}");
rsp.setContentType("application/json;charset=utf-8");
rsp.setContentType("application/json;charset=UTF-8");
// we are also using DOMPurify to sanitize the input on the javascript side to prevent XSS, see refresh-projects.js
rsp.getWriter().print(buf.toString());
} catch (Exception e) {
Expand Down Expand Up @@ -1725,7 +1718,7 @@ public void doRefreshProjectTemplates(StaplerRequest req, StaplerResponse rsp, @
}
buf.append("]}");
// send HTML data directly
rsp.setContentType("text/html;charset=UTF-8");
rsp.setContentType("application/json;charset=UTF-8");
rsp.getWriter().print(buf.toString());
} catch (Exception e) {
e.printStackTrace();
Expand Down Expand Up @@ -1772,7 +1765,7 @@ public void doRefreshSensorPools(StaplerRequest req, StaplerResponse rsp, @Query
}
buf.append("]}");
// send HTML data directly
rsp.setContentType("text/html;charset=UTF-8");
rsp.setContentType("application/json;charset=UTF-8");

Check warning on line 1768 in src/main/java/com/fortify/plugin/jenkins/FortifyPlugin.java

View check run for this annotation

ci.jenkins.io / Code Coverage

Not covered lines 

Lines 1609-1768 are not covered by tests
rsp.getWriter().print(buf.toString());
} catch (Exception e) {
e.printStackTrace();
Expand Down
17 changes: 10 additions & 7 deletions src/main/resources/com/fortify/plugin/jenkins/ChartAction/floatingBox.jelly
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
<?jelly escape-by-default='true'?>
<!--
(c) Copyright 2019 Micro Focus or one of its affiliates.
Copyright 2023 Open Text.
Licensed under the MIT License (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
Expand All @@ -22,11 +22,14 @@
<script defer="true">
var stamp = new Date().getTime();
function checkGraphUpdate() {
var parameters = {};
new Ajax.Request("${action.urlName}/checkUpdates?stamp="+stamp,{
parameters: parameters,
onComplete: function(rsp) {
var update = rsp.getResponseHeader("go");
fetch("${action.urlName}/checkUpdates?stamp="+stamp, {
method: 'POST',
headers: crumb.wrap({
'Content-Type': 'text/plain'
})
}).then(function(rsp) {
if (rsp.ok) {
var update = rsp.headers.get('go');
if(update == "go") {
stamp = new Date().getTime();
var image = document.getElementById('nvsGraph');
Expand Down
162 changes: 98 additions & 64 deletions src/main/webapp/refresh-issues.js
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*******************************************************************************
* (c) Copyright 2019 Micro Focus or one of its affiliates.
* Copyright 2023 Open Text.
*
* Licensed under the MIT License (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -13,27 +13,38 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
var isUpdateEnable = true;

function updateByUrl(boxId,urlLink,params,spinnerUrl) {
var isUpdateEnable = true;
function updateByUrl(boxId,urlLink,params,spinnerUrl) {
// first display the "loading..." icon
if (isUpdateEnable) {
isUpdateEnable = false;
var box = document.getElementById(boxId);
box.innerHTML = '<img src="' + spinnerUrl + '" alt=""/>';
// then actually fetch the HTML
new Ajax.Request(urlLink, {
method: "post",
parameters: params,
onComplete: function(rsp,_) {
var issueTable = document.getElementById('issueTable');
if (issueTable != null) {
issueTable.innerHTML = rsp.responseText;
}
isUpdateEnable = true;
}
});
}
if (isUpdateEnable) {
isUpdateEnable = false;
var box = document.getElementById(boxId);
box.innerHTML = '<img src="' + spinnerUrl + '" alt=""/>';
const parameters = [];
for (const key in params) {
if (params.hasOwnProperty(key)) {
parameters.push(`${encodeURIComponent(key)}=${encodeURIComponent(params[key])}`);
}
}
// then actually fetch the HTML
fetch(urlLink + "?" + parameters.join('&'), {
method: 'POST',
headers: crumb.wrap({
'Content-Type': 'text/plain'
})
})
.then(response => response.text())
.then(text => {
var issueTable = document.getElementById('issueTable');
if (issueTable != null) {
issueTable.innerHTML = text;
}
isUpdateEnable = true;
})
.catch((error) => {
// Handle any errors
});
}
}

function updateList(boxId,folder,nextPage,spinnerUrl) {
Expand Down Expand Up @@ -67,12 +78,14 @@
}

function scheduleUpdateCheck() {
var params = 'stamp='+stamp;
new Ajax.Request(contextUrl+"/checkUpdates",{
method: "post",
parameters: params,
onComplete: function(rsp,_) {
var update = rsp.getResponseHeader('go');
fetch(contextUrl + "/checkUpdates?stamp=" + stamp, {
method: 'POST',
headers: crumb.wrap({
'Content-Type': 'text/plain'
})
}).then(function(rsp) {
if (rsp.ok) {
var update = rsp.headers.get('go');
if(update == "go") {
stamp = new Date().getTime();
reloadStatistics();
Expand All @@ -85,43 +98,59 @@
}

function reloadStatistics() {
var parameters = {};
new Ajax.Request(contextUrl+"/ajaxStats",{
method: "post",
onComplete: function(rsp,_) {
var scanStatistics = document.getElementById('scanStatistics');
if (scanStatistics != null) {
scanStatistics.innerHTML = rsp.responseText;
}
fetch(contextUrl + "/ajaxStats", {
method: 'POST',
headers: crumb.wrap({
'Content-Type': 'text/plain'
})
})
.then(response => response.text())
.then(text => {
var scanStatistics = document.getElementById('scanStatistics');
if (scanStatistics != null) {
scanStatistics.innerHTML = text;
}
})
.catch((error) => {
// Handle any errors
});
}

function reloadIssues() {
var parameters = {};
new Ajax.Request(contextUrl+"/ajaxIssues",{
method: "post",
parameters: parameters,
onComplete: function(rsp) {
var issueTable = document.getElementById('issueTable');
if (issueTable != null) {
issueTable.innerHTML = rsp.responseText;
}
fetch(contextUrl + "/ajaxIssues", {
method: 'POST',
headers: crumb.wrap({
'Content-Type': 'text/plain'
})
})
.then(response => response.text())
.then(text => {
var issueTable = document.getElementById('issueTable');
if (issueTable != null) {
issueTable.innerHTML = text;
}
})
.catch((error) => {
// Handle any errors
});
}

function reload(url,box) {
var parameters = {};
new Ajax.Request(url,{
method: "post",
parameters: parameters,
onComplete: function(rsp) {
var issueTable = document.getElementById(box);
if (issueTable != null) {
issueTable.innerHTML = rsp.responseText;
}
fetch(url, {
method: 'POST',
headers: crumb.wrap({
'Content-Type': 'text/plain'
})
})
.then(response => response.text())
.then(text => {
var issueTable = document.getElementById(box);
if (issueTable != null) {
issueTable.innerHTML = text;
}
})
.catch((error) => {
// Handle any errors
});
}

Expand All @@ -131,17 +160,22 @@
var box = document.getElementById('firstTimeSpinF');
box.innerHTML = '<img src="'+spinnerUrl+'" alt=""/>';
// then actually fetch the HTML
var request = new Ajax.Request(contextUrl+"/ajaxIssues",{
method: "post",
parameters : "firstTime=yes",
onComplete: function(rsp,_) {
var issueTable = document.getElementById('issueTable');
issueTable.innerHTML = rsp.responseText;
// next update
// window.setTimeout(loadIssues, 5000);
window.setTimeout(scheduleUpdateCheck, 10000);
}
});
fetch(contextUrl + "/ajaxIssues?firstTime=yes", {
method: 'POST',
headers: crumb.wrap({
'Content-Type': 'text/plain'
})
})
.then(response => response.text())
.then(text => {
var issueTable = document.getElementById('issueTable');
issueTable.innerHTML = text;
// next update
window.setTimeout(scheduleUpdateCheck, 10000);
})
.catch((error) => {
// Handle any errors
});
}
window.setTimeout(loadIssues, 0);
}
Loading

0 comments on commit 0f4d8e6

Please sign in to comment.