SAK-41811 - StringEscapeUtils in commons-lang3 is deprecated, moved t…

…o commons-text (sakaiproject#6927)
mrmodise · May 20, 2019 · 598439a · 598439a
1 parent 0f7ca79
commit 598439a
Show file tree

Hide file tree

Showing 53 changed files with 244 additions and 172 deletions.
diff --git a/assignment/impl/src/java/org/sakaiproject/assignment/impl/AssignmentServiceImpl.java b/assignment/impl/src/java/org/sakaiproject/assignment/impl/AssignmentServiceImpl.java
@@ -2960,7 +2960,7 @@ private void zipSubmissions(String assignmentReference, String assignmentTitle,
                                 if (!notes.isEmpty()) {
                                     final StringBuilder noteList = new StringBuilder("<ul>");
                                     for (String note : notes) {
-                                        noteList.append("<li>" + StringEscapeUtils.escapeHtml3(note) + "</li>");
+                                        noteList.append("<li>" + StringEscapeUtils.escapeHtml4(note) + "</li>");
                                     }
                                     noteList.append("</ul>");
                                     submittersAdditionalNotesHtml.append("<tr><td style='padding-right:10px;padding-left:10px'>" + submittersString + "</td><td style='padding-right:10px'>" + noteList + "</td></tr>");

diff --git a/basiclti/tsugi-util/pom.xml b/basiclti/tsugi-util/pom.xml
@@ -29,6 +29,10 @@
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-text</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.googlecode.json-simple</groupId>
             <artifactId>json-simple</artifactId>

diff --git a/basiclti/tsugi-util/src/java/org/tsugi/pox/IMSPOXRequest.java b/basiclti/tsugi-util/src/java/org/tsugi/pox/IMSPOXRequest.java
@@ -21,7 +21,7 @@
 import javax.xml.xpath.XPathExpression;
 import javax.xml.xpath.XPathFactory;
 
-import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.commons.text.StringEscapeUtils;
 import org.tsugi.basiclti.Base64;
 import org.tsugi.basiclti.XMLMap;
 import org.w3c.dom.Document;
@@ -387,9 +387,9 @@ public static String getFatalResponse(String description, String message_id)
 		String messageId = ""+dt.getTime();
 
 		return String.format(fatalMessage, 
-				StringEscapeUtils.escapeXml(messageId), 
-				StringEscapeUtils.escapeXml(description),
-				StringEscapeUtils.escapeXml(message_id)); 
+				StringEscapeUtils.escapeXml11(messageId), 
+				StringEscapeUtils.escapeXml11(description),
+				StringEscapeUtils.escapeXml11(message_id)); 
 	}
 
 	static final String responseMessage = 
@@ -462,7 +462,7 @@ public String getResponse(String description, String major, String severity,
 				sb.append("          <imsx_codeMinorField>\n            <imsx_codeMinorFieldName>");
 				sb.append(key);
 				sb.append("</imsx_codeMinorFieldName>\n            <imsx_codeMinorFieldValue>");
-				sb.append(StringEscapeUtils.escapeXml(value));
+				sb.append(StringEscapeUtils.escapeXml11(value));
 				sb.append("</imsx_codeMinorFieldValue>\n          </imsx_codeMinorField>\n");
 			}
 			if ( sb.length() > 0 ) sb.append("        </imsx_codeMinor>");
@@ -493,13 +493,13 @@ public String getResponse(String description, String major, String severity,
 		String newLine = "";
 		if ( bodyString.length() > 0 ) newLine = "\n";
 		return String.format(responseMessage, 
-				StringEscapeUtils.escapeXml(messageId), 
-				StringEscapeUtils.escapeXml(major), 
-				StringEscapeUtils.escapeXml(severity), 
-				StringEscapeUtils.escapeXml(description), 
-				StringEscapeUtils.escapeXml(getHeaderMessageIdentifier()), 
-				StringEscapeUtils.escapeXml(operation), 
-				StringEscapeUtils.escapeXml(minorString), 
+				StringEscapeUtils.escapeXml11(messageId), 
+				StringEscapeUtils.escapeXml11(major), 
+				StringEscapeUtils.escapeXml11(severity), 
+				StringEscapeUtils.escapeXml11(description), 
+				StringEscapeUtils.escapeXml11(getHeaderMessageIdentifier()), 
+				StringEscapeUtils.escapeXml11(operation), 
+				StringEscapeUtils.escapeXml11(minorString), 
 				bodyString, newLine); 
 
 	}

diff --git a/commons/api/pom.xml b/commons/api/pom.xml
@@ -48,6 +48,10 @@
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-text</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>

diff --git a/commons/api/src/java/org/sakaiproject/commons/api/datamodel/Comment.java b/commons/api/src/java/org/sakaiproject/commons/api/datamodel/Comment.java
@@ -25,7 +25,7 @@
 import java.sql.SQLException;
 import java.util.TimeZone;
 
-import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.commons.text.StringEscapeUtils;
 import org.sakaiproject.commons.api.CommonsManager;
 import org.sakaiproject.entity.api.Entity;
 import org.sakaiproject.entity.api.ResourceProperties;
@@ -104,7 +104,7 @@ public void setContent(String text, boolean modified) {
             modifiedDate = Instant.now().toEpochMilli();
         }
 
-        this.content = StringEscapeUtils.unescapeHtml3(text.trim());
+        this.content = StringEscapeUtils.unescapeHtml4(text.trim());
     }
 
     public void setCreatedDate(long createdDate) {

diff --git a/...ons/tool/src/java/org/sakaiproject/commons/tool/entityprovider/CommonsEntityProvider.java b/...ons/tool/src/java/org/sakaiproject/commons/tool/entityprovider/CommonsEntityProvider.java
@@ -37,7 +37,7 @@
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.fileupload.FileItem;
-import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.commons.text.StringEscapeUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.sakaiproject.commons.api.CommonsEvents;
 import org.sakaiproject.commons.api.CommonsManager;

diff --git a/deploy/pom.xml b/deploy/pom.xml
@@ -485,6 +485,11 @@
             <artifactId>commons-lang3</artifactId>
             <scope>compile</scope>
         </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-text</artifactId>
+            <scope>compile</scope>
+        </dependency>
         <dependency>
             <groupId>commons-validator</groupId>
             <artifactId>commons-validator</artifactId>

diff --git a/entitybroker/rest/pom.xml b/entitybroker/rest/pom.xml
@@ -54,6 +54,10 @@
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-text</artifactId>
+        </dependency>
         <!-- Data processing -->
         <dependency>
             <groupId>org.azeckoski</groupId>

diff --git a/entitybroker/rest/src/java/org/sakaiproject/entitybroker/rest/EntityEncodingManager.java b/entitybroker/rest/src/java/org/sakaiproject/entitybroker/rest/EntityEncodingManager.java
@@ -35,7 +35,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.commons.text.StringEscapeUtils;
 import org.azeckoski.reflectutils.ClassFields;
 import org.azeckoski.reflectutils.ClassFields.FieldsFilter;
 import org.azeckoski.reflectutils.ConstructorUtils;
@@ -564,16 +564,16 @@ public String encodeEntity(String prefix, String format, EntityData entityData,
             if (entityData == null) {
                 sb.append("NO DATA to encode");
             } else {
-                sb.append("    <div style='font-weight:bold;'>"+StringEscapeUtils.escapeHtml3(entityData.getDisplayTitle())+"</div>\n");
+                sb.append("    <div style='font-weight:bold;'>"+StringEscapeUtils.escapeHtml4(entityData.getDisplayTitle())+"</div>\n");
                 sb.append("    <table border='1'>\n");
                 sb.append("      <caption style='font-weight:bold;'>Entity Data</caption>\n");
                 if (! entityData.isDataOnly()) {
-                    sb.append("      <tr><td>entityReference</td><td>"+StringEscapeUtils.escapeHtml3(entityData.getEntityReference())+"</td></tr>\n");
-                    sb.append("      <tr><td>entityURL</td><td>"+StringEscapeUtils.escapeHtml3(entityData.getEntityURL())+"</td></tr>\n");
+                    sb.append("      <tr><td>entityReference</td><td>"+StringEscapeUtils.escapeHtml4(entityData.getEntityReference())+"</td></tr>\n");
+                    sb.append("      <tr><td>entityURL</td><td>"+StringEscapeUtils.escapeHtml4(entityData.getEntityURL())+"</td></tr>\n");
                     if (entityData.getEntityRef() != null) {
-                        sb.append("      <tr><td>entityPrefix</td><td>"+StringEscapeUtils.escapeHtml3(entityData.getEntityRef().getPrefix())+"</td></tr>\n");
+                        sb.append("      <tr><td>entityPrefix</td><td>"+StringEscapeUtils.escapeHtml4(entityData.getEntityRef().getPrefix())+"</td></tr>\n");
                         if (entityData.getEntityRef().getId() != null) {
-                            sb.append("      <tr><td>entityID</td><td>"+StringEscapeUtils.escapeHtml3(entityData.getEntityRef().getId())+"</td></tr>\n");
+                            sb.append("      <tr><td>entityID</td><td>"+StringEscapeUtils.escapeHtml4(entityData.getEntityRef().getId())+"</td></tr>\n");
                         }
                     }
                 }
@@ -592,7 +592,7 @@ public String encodeEntity(String prefix, String format, EntityData entityData,
                     sb.append("    <table border='1'>\n");
                     sb.append("      <caption style='font-weight:bold;'>Properties</caption>\n");
                     for (Entry<String, Object> entry : props.entrySet()) {
-                        sb.append("      <tr><td>"+StringEscapeUtils.escapeHtml3(entry.getKey())+"</td><td>"+StringEscapeUtils.escapeHtml3(entry.getValue().toString())+"</td></tr>\n");
+                        sb.append("      <tr><td>"+StringEscapeUtils.escapeHtml4(entry.getKey())+"</td><td>"+StringEscapeUtils.escapeHtml4(entry.getValue().toString())+"</td></tr>\n");
                     }
                     sb.append("    </table>\n");
                 }
@@ -636,7 +636,7 @@ public String encodeEntity(String prefix, String format, EntityData entityData,
                 StringBuilder sb = new StringBuilder(300);
                 String formName = prefix + "-" + (entityData != null ? entityData.getEntityRef().getId() : "xxx");
                 sb.append("  <div style='font-weight:bold;'>");
-                sb.append( StringEscapeUtils.escapeHtml3(entityData != null ? entityData.getDisplayTitle() : prefix) );
+                sb.append( StringEscapeUtils.escapeHtml4(entityData != null ? entityData.getDisplayTitle() : prefix) );
                 if (createable 
                         && ! EntityView.VIEW_NEW.equals(viewKey)) {
                     // add the new link if this is not the create form
@@ -733,7 +733,7 @@ public String encodeEntity(String prefix, String format, EntityData entityData,
                             if (value != null) {
                                 sVal = ReflectUtils.getInstance().convert(value, String.class);
                             }
-                            sb.append("<input type='text' name=\""+fieldName+"\" value=\""+StringEscapeUtils.escapeHtml3(sVal)+"\" />");
+                            sb.append("<input type='text' name=\""+fieldName+"\" value=\""+StringEscapeUtils.escapeHtml4(sVal)+"\" />");
                         } else if (write) {
                             sb.append("<input type='text' name='"+fieldName+"' />");
                         } else if (read) {
@@ -742,7 +742,7 @@ public String encodeEntity(String prefix, String format, EntityData entityData,
                             if (value != null) {
                                 sVal = ReflectUtils.getInstance().convert(value, String.class);
                             }
-                            sb.append(StringEscapeUtils.escapeHtml3(sVal));
+                            sb.append(StringEscapeUtils.escapeHtml4(sVal));
                         }
                         if (required) {
                             sb.append(" <b style='color:red;'>*</b> ");

diff --git a/feedback/pom.xml b/feedback/pom.xml
@@ -96,6 +96,10 @@
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-text</artifactId>
+        </dependency>
         <dependency>
             <groupId>javax.activation</groupId>
             <artifactId>javax.activation-api</artifactId>

diff --git a/feedback/src/java/org/sakaiproject/feedback/tool/FeedbackTool.java b/feedback/src/java/org/sakaiproject/feedback/tool/FeedbackTool.java
@@ -32,7 +32,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.lang3.StringEscapeUtils;
+import org.apache.commons.text.StringEscapeUtils;
 
 import org.springframework.context.ApplicationContext;
 import org.springframework.web.context.support.WebApplicationContextUtils;

diff --git a/kernel/kernel-impl/pom.xml b/kernel/kernel-impl/pom.xml
@@ -126,6 +126,10 @@
 		<groupId>org.apache.commons</groupId>
 		<artifactId>commons-lang3</artifactId>
 	</dependency>
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-text</artifactId>
+    </dependency>
     <dependency>
       <groupId>commons-validator</groupId>
       <artifactId>commons-validator</artifactId>

diff --git a/kernel/kernel-impl/src/main/java/org/sakaiproject/util/impl/FormattedTextImpl.java b/kernel/kernel-impl/src/main/java/org/sakaiproject/util/impl/FormattedTextImpl.java
@@ -25,6 +25,7 @@
 import java.io.UnsupportedEncodingException;
 import java.net.URL;
 import java.net.URI;
+import java.nio.charset.StandardCharsets;
 import java.util.Stack;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -33,8 +34,8 @@
 
 import lombok.extern.slf4j.Slf4j;
 
-import org.apache.commons.lang3.StringEscapeUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.text.StringEscapeUtils;
 import org.apache.commons.validator.routines.UrlValidator;
 
 import org.w3c.dom.Element;
@@ -512,8 +513,7 @@ public String escapeHtmlFormattedTextSupressNewlines(String value)
      */
     private String escapeHtmlFormattedText(String value, boolean supressNewlines)
     {
-        if (value == null) return "";
-        if (value.length() == 0) return "";
+        if (StringUtils.isEmpty(value)) return StringUtils.EMPTY;
         if (cleanUTF8) {
             value = removeSurrogates(value);
         }
@@ -592,8 +592,8 @@ public String escapeHtml(String value, boolean escapeNewlines) {
          * they also depend on this handling a null input and converting it to null
          */
         String val = "";
-        if (value != null && !"".equals(value)) {
-            val = StringEscapeUtils.escapeHtml3(value);
+        if (StringUtils.isNotEmpty(value)){
+            val = StringEscapeUtils.escapeHtml4(value);
             if (escapeNewlines && val != null) {
                 val = val.replace("\n", "<br/>\n");
             }
@@ -619,7 +619,7 @@ public void encodeFormattedTextAttribute(Element element, String baseAttributeNa
     public String encodeUnicode(String value)
     {
         // TODO call method in each process routine
-        if (value == null) return "";
+        if (StringUtils.isEmpty(value)) return StringUtils.EMPTY;
 
         try
         {
@@ -651,7 +651,7 @@ public String encodeUnicode(String value)
         catch (Exception e)
         {
             log.error("Validator.escapeHtml: ", e);
-            return "";
+            return StringUtils.EMPTY;
         }
     }
 
@@ -660,12 +660,8 @@ public String encodeUnicode(String value)
      */
     public String unEscapeHtml(String value)
     {
-        if (value == null || value.equals("")) return "";
-        value = value.replaceAll("&lt;", "<");
-        value = value.replaceAll("&gt;", ">");
-        value = value.replaceAll("&amp;", "&");
-        value = value.replaceAll("&quot;", "\"");
-        return value;
+        if (StringUtils.isEmpty(value)) return StringUtils.EMPTY;
+        return StringEscapeUtils.unescapeHtml4(value);
     }
 
     /* (non-Javadoc)
@@ -765,10 +761,8 @@ public String processAnchor(String anchor) {
      * @see org.sakaiproject.util.api.FormattedText#processEscapedHtml(java.lang.String)
      */
     public String processEscapedHtml(final String source) {
-        if (source == null)
-            return "";
-        if (source.equals(""))
-            return "";
+        if (StringUtils.isEmpty(source))
+            return StringUtils.EMPTY;
 
         String html = null;
         try {
@@ -1057,7 +1051,7 @@ public String encodeUrlsAsHtml(String text) {
     }
 
     public String escapeJavascript(String value) {
-        if (value == null || "".equals(value)) return "";
+        if (StringUtils.isEmpty(value)) return StringUtils.EMPTY;
         try
         {
             StringBuilder buf = new StringBuilder();
@@ -1115,7 +1109,7 @@ public String escapeUrl(String id) {
         try
         {
             // convert the string to bytes in UTF-8
-            byte[] bytes = id.getBytes("UTF-8");
+            byte[] bytes = id.getBytes(StandardCharsets.UTF_8.name());
 
             StringBuilder buf = new StringBuilder();
             for (int i = 0; i < bytes.length; i++)

diff --git a/kernel/kernel-util/src/main/java/org/sakaiproject/util/Validator.java b/kernel/kernel-util/src/main/java/org/sakaiproject/util/Validator.java
@@ -22,12 +22,14 @@
 package org.sakaiproject.util;
 
 import java.io.UnsupportedEncodingException;
+import java.nio.charset.StandardCharsets;
 import java.net.URLEncoder;
 import java.util.Enumeration;
 
 import javax.servlet.http.HttpServletRequest;
 
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 
 import org.sakaiproject.component.cover.ServerConfigurationService;
 import org.sakaiproject.exception.IdInvalidException;
@@ -152,7 +154,7 @@ public static String escapeHtmlFormattedTextarea(String value)
      */
     public static String escapeJavascript(String value)
     {
-        if (value == null || "".equals(value)) return "";
+        if (StringUtils.isEmpty(value)) return StringUtils.EMPTY;
         try
         {
             StringBuilder buf = new StringBuilder();
@@ -209,7 +211,7 @@ public static String escapeUrl(String id)
 		try
 		{
 			// convert the string to bytes in UTF-8
-			byte[] bytes = id.getBytes("UTF-8");
+			byte[] bytes = id.getBytes(StandardCharsets.UTF_8.name());
 
 			StringBuilder buf = new StringBuilder();
 			for (int i = 0; i < bytes.length; i++)

diff --git a/...lder/tool/opt-src/java/org/sakaiproject/lessonbuildertool/ccexport/Assignment2Export.java b/...lder/tool/opt-src/java/org/sakaiproject/lessonbuildertool/ccexport/Assignment2Export.java
@@ -48,8 +48,6 @@
 
 import lombok.extern.slf4j.Slf4j;
 
-import org.apache.commons.lang3.StringEscapeUtils;
-
 import org.w3c.dom.Document;
 
 import uk.org.ponder.messageutil.MessageLocator;