diff --git a/assignment/impl/src/java/org/sakaiproject/assignment/impl/AssignmentServiceImpl.java b/assignment/impl/src/java/org/sakaiproject/assignment/impl/AssignmentServiceImpl.java index 0aaf51442a3c..342b1907cdf6 100644 --- a/assignment/impl/src/java/org/sakaiproject/assignment/impl/AssignmentServiceImpl.java +++ b/assignment/impl/src/java/org/sakaiproject/assignment/impl/AssignmentServiceImpl.java @@ -2960,7 +2960,7 @@ private void zipSubmissions(String assignmentReference, String assignmentTitle, if (!notes.isEmpty()) { final StringBuilder noteList = new StringBuilder(""); submittersAdditionalNotesHtml.append("" + submittersString + "" + noteList + ""); diff --git a/basiclti/tsugi-util/pom.xml b/basiclti/tsugi-util/pom.xml index ed092c3ab358..a0a5141cd19b 100644 --- a/basiclti/tsugi-util/pom.xml +++ b/basiclti/tsugi-util/pom.xml @@ -29,6 +29,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + com.googlecode.json-simple json-simple diff --git a/basiclti/tsugi-util/src/java/org/tsugi/pox/IMSPOXRequest.java b/basiclti/tsugi-util/src/java/org/tsugi/pox/IMSPOXRequest.java index 718bfa155396..86f04a66fea3 100644 --- a/basiclti/tsugi-util/src/java/org/tsugi/pox/IMSPOXRequest.java +++ b/basiclti/tsugi-util/src/java/org/tsugi/pox/IMSPOXRequest.java @@ -21,7 +21,7 @@ import javax.xml.xpath.XPathExpression; import javax.xml.xpath.XPathFactory; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.tsugi.basiclti.Base64; import org.tsugi.basiclti.XMLMap; import org.w3c.dom.Document; 
@@ -387,9 +387,9 @@ public static String getFatalResponse(String description, String message_id) String messageId = ""+dt.getTime(); return String.format(fatalMessage, - StringEscapeUtils.escapeXml(messageId), - StringEscapeUtils.escapeXml(description), - StringEscapeUtils.escapeXml(message_id)); + StringEscapeUtils.escapeXml11(messageId), + StringEscapeUtils.escapeXml11(description), + StringEscapeUtils.escapeXml11(message_id)); } static final String responseMessage = @@ -462,7 +462,7 @@ public String getResponse(String description, String major, String severity, sb.append(" \n "); sb.append(key); sb.append("\n "); - sb.append(StringEscapeUtils.escapeXml(value)); + sb.append(StringEscapeUtils.escapeXml11(value)); sb.append("\n \n"); } if ( sb.length() > 0 ) sb.append(" "); @@ -493,13 +493,13 @@ public String getResponse(String description, String major, String severity, String newLine = ""; if ( bodyString.length() > 0 ) newLine = "\n"; return String.format(responseMessage, - StringEscapeUtils.escapeXml(messageId), - StringEscapeUtils.escapeXml(major), - StringEscapeUtils.escapeXml(severity), - StringEscapeUtils.escapeXml(description), - StringEscapeUtils.escapeXml(getHeaderMessageIdentifier()), - StringEscapeUtils.escapeXml(operation), - StringEscapeUtils.escapeXml(minorString), + StringEscapeUtils.escapeXml11(messageId), + StringEscapeUtils.escapeXml11(major), + StringEscapeUtils.escapeXml11(severity), + StringEscapeUtils.escapeXml11(description), + StringEscapeUtils.escapeXml11(getHeaderMessageIdentifier()), + StringEscapeUtils.escapeXml11(operation), + StringEscapeUtils.escapeXml11(minorString), bodyString, newLine); } diff --git a/commons/api/pom.xml b/commons/api/pom.xml index 20ce210aeafd..3e05adaa0f23 100644 --- a/commons/api/pom.xml +++ b/commons/api/pom.xml @@ -48,6 +48,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + org.projectlombok lombok 
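Review bot: `escapeXml11` in getFatalResponse (and in both getResponse hunks that follow) writes numeric character references for control characters such as U+0001, which are legal only in XML 1.1. If these POX responses are declared or parsed as XML 1.0, one stray control character in `description` or `message_id` produces a document the receiver rejects. `escapeXml10` removes those characters instead, e.g. `StringEscapeUtils.escapeXml10(description),`. The XML declaration is not visible in these hunks, so confirm the target version. The same choice applies to the ccexport writers (AssignmentExport, BltiExport, CCExport, ForumsExport, SamigoExport) later in this diff.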
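Review bot: In the getResponse loop (hunk @@ -462) `sb.append(key);` writes the property name unescaped while the value two lines later goes through `escapeXml11`. If keys can carry caller-supplied text, treat them the same way, `sb.append(StringEscapeUtils.escapeXml11(key));`, or add a comment at the loop stating that keys are fixed names. The surrounding markup is not visible on this page and the method starts outside the hunk, so check whether `key` lands in element content or in an element name; an element name needs validation rather than escaping.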
diff --git a/commons/api/src/java/org/sakaiproject/commons/api/datamodel/Comment.java b/commons/api/src/java/org/sakaiproject/commons/api/datamodel/Comment.java index cd2e795dfcd0..324892b8a68c 100644 --- a/commons/api/src/java/org/sakaiproject/commons/api/datamodel/Comment.java +++ b/commons/api/src/java/org/sakaiproject/commons/api/datamodel/Comment.java @@ -25,7 +25,7 @@ import java.sql.SQLException; import java.util.TimeZone; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.commons.api.CommonsManager; import org.sakaiproject.entity.api.Entity; import org.sakaiproject.entity.api.ResourceProperties; @@ -104,7 +104,7 @@ public void setContent(String text, boolean modified) { modifiedDate = Instant.now().toEpochMilli(); } - this.content = StringEscapeUtils.unescapeHtml3(text.trim()); + this.content = StringEscapeUtils.unescapeHtml4(text.trim()); } public void setCreatedDate(long createdDate) { diff --git a/commons/tool/src/java/org/sakaiproject/commons/tool/entityprovider/CommonsEntityProvider.java b/commons/tool/src/java/org/sakaiproject/commons/tool/entityprovider/CommonsEntityProvider.java index da8650b2578f..e92146519031 100644 --- a/commons/tool/src/java/org/sakaiproject/commons/tool/entityprovider/CommonsEntityProvider.java +++ b/commons/tool/src/java/org/sakaiproject/commons/tool/entityprovider/CommonsEntityProvider.java @@ -37,7 +37,7 @@ import javax.servlet.http.HttpServletResponse; import org.apache.commons.fileupload.FileItem; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; import org.sakaiproject.commons.api.CommonsEvents; import org.sakaiproject.commons.api.CommonsManager; diff --git a/deploy/pom.xml b/deploy/pom.xml index 08682dc43168..44843517aee7 100644 --- a/deploy/pom.xml +++ b/deploy/pom.xml 
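Review bot: `setContent` stores `StringEscapeUtils.unescapeHtml4(text.trim())`, and the move from `unescapeHtml3` to `unescapeHtml4` widens the set of named entities decoded before storage. `content` therefore holds raw markup characters and every renderer has to escape it on output. A comment on the assignment such as `// stored unescaped: callers must escape before writing to HTML` would make that contract explicit. `text.trim()` also throws on a null `text`, and no guard is visible in the hunk. The method body begins above the hunk.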
@@ -485,6 +485,11 @@ commons-lang3 compile + + org.apache.commons + commons-text + compile + commons-validator commons-validator diff --git a/entitybroker/rest/pom.xml b/entitybroker/rest/pom.xml index 864339450913..b96fe3e432b8 100644 --- a/entitybroker/rest/pom.xml +++ b/entitybroker/rest/pom.xml @@ -54,6 +54,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + org.azeckoski diff --git a/entitybroker/rest/src/java/org/sakaiproject/entitybroker/rest/EntityEncodingManager.java b/entitybroker/rest/src/java/org/sakaiproject/entitybroker/rest/EntityEncodingManager.java index 60f8f171713f..b1bf770e8452 100644 --- a/entitybroker/rest/src/java/org/sakaiproject/entitybroker/rest/EntityEncodingManager.java +++ b/entitybroker/rest/src/java/org/sakaiproject/entitybroker/rest/EntityEncodingManager.java @@ -35,7 +35,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.azeckoski.reflectutils.ClassFields; import org.azeckoski.reflectutils.ClassFields.FieldsFilter; import org.azeckoski.reflectutils.ConstructorUtils; @@ -564,16 +564,16 @@ public String encodeEntity(String prefix, String format, EntityData entityData, if (entityData == null) { sb.append("NO DATA to encode"); } else { - sb.append("
"+StringEscapeUtils.escapeHtml3(entityData.getDisplayTitle())+"
\n"); + sb.append("
"+StringEscapeUtils.escapeHtml4(entityData.getDisplayTitle())+"
\n"); sb.append(" \n"); sb.append(" \n"); if (! entityData.isDataOnly()) { - sb.append(" \n"); - sb.append(" \n"); + sb.append(" \n"); + sb.append(" \n"); if (entityData.getEntityRef() != null) { - sb.append(" \n"); + sb.append(" \n"); if (entityData.getEntityRef().getId() != null) { - sb.append(" \n"); + sb.append(" \n"); } } } @@ -592,7 +592,7 @@ public String encodeEntity(String prefix, String format, EntityData entityData, sb.append("
Entity Data
entityReference"+StringEscapeUtils.escapeHtml3(entityData.getEntityReference())+"
entityURL"+StringEscapeUtils.escapeHtml3(entityData.getEntityURL())+"
entityReference"+StringEscapeUtils.escapeHtml4(entityData.getEntityReference())+"
entityURL"+StringEscapeUtils.escapeHtml4(entityData.getEntityURL())+"
entityPrefix"+StringEscapeUtils.escapeHtml3(entityData.getEntityRef().getPrefix())+"
entityPrefix"+StringEscapeUtils.escapeHtml4(entityData.getEntityRef().getPrefix())+"
entityID"+StringEscapeUtils.escapeHtml3(entityData.getEntityRef().getId())+"
entityID"+StringEscapeUtils.escapeHtml4(entityData.getEntityRef().getId())+"
\n"); sb.append(" \n"); for (Entry entry : props.entrySet()) { - sb.append(" \n"); + sb.append(" \n"); } sb.append("
Properties
"+StringEscapeUtils.escapeHtml3(entry.getKey())+""+StringEscapeUtils.escapeHtml3(entry.getValue().toString())+"
"+StringEscapeUtils.escapeHtml4(entry.getKey())+""+StringEscapeUtils.escapeHtml4(entry.getValue().toString())+"
\n"); } @@ -636,7 +636,7 @@ public String encodeEntity(String prefix, String format, EntityData entityData, StringBuilder sb = new StringBuilder(300); String formName = prefix + "-" + (entityData != null ? entityData.getEntityRef().getId() : "xxx"); sb.append("
"); - sb.append( StringEscapeUtils.escapeHtml3(entityData != null ? entityData.getDisplayTitle() : prefix) ); + sb.append( StringEscapeUtils.escapeHtml4(entityData != null ? entityData.getDisplayTitle() : prefix) ); if (createable && ! EntityView.VIEW_NEW.equals(viewKey)) { // add the new link if this is not the create form @@ -733,7 +733,7 @@ public String encodeEntity(String prefix, String format, EntityData entityData, if (value != null) { sVal = ReflectUtils.getInstance().convert(value, String.class); } - sb.append(""); + sb.append(""); } else if (write) { sb.append(""); } else if (read) { @@ -742,7 +742,7 @@ public String encodeEntity(String prefix, String format, EntityData entityData, if (value != null) { sVal = ReflectUtils.getInstance().convert(value, String.class); } - sb.append(StringEscapeUtils.escapeHtml3(sVal)); + sb.append(StringEscapeUtils.escapeHtml4(sVal)); } if (required) { sb.append(" * "); diff --git a/feedback/pom.xml b/feedback/pom.xml index 7b685fccd94f..bf417352629b 100644 --- a/feedback/pom.xml +++ b/feedback/pom.xml @@ -96,6 +96,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + javax.activation javax.activation-api diff --git a/feedback/src/java/org/sakaiproject/feedback/tool/FeedbackTool.java b/feedback/src/java/org/sakaiproject/feedback/tool/FeedbackTool.java index 7a0eb1ee6e27..59fa842929e7 100644 --- a/feedback/src/java/org/sakaiproject/feedback/tool/FeedbackTool.java +++ b/feedback/src/java/org/sakaiproject/feedback/tool/FeedbackTool.java @@ -32,7 +32,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.springframework.context.ApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; diff --git a/kernel/kernel-impl/pom.xml b/kernel/kernel-impl/pom.xml index e098b76cb615..ccd00a15e3f7 100644 
--- a/kernel/kernel-impl/pom.xml +++ b/kernel/kernel-impl/pom.xml @@ -126,6 +126,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + commons-validator commons-validator diff --git a/kernel/kernel-impl/src/main/java/org/sakaiproject/util/impl/FormattedTextImpl.java b/kernel/kernel-impl/src/main/java/org/sakaiproject/util/impl/FormattedTextImpl.java index 763ed372d223..0fa35deaa93d 100644 --- a/kernel/kernel-impl/src/main/java/org/sakaiproject/util/impl/FormattedTextImpl.java +++ b/kernel/kernel-impl/src/main/java/org/sakaiproject/util/impl/FormattedTextImpl.java @@ -25,6 +25,7 @@ import java.io.UnsupportedEncodingException; import java.net.URL; import java.net.URI; +import java.nio.charset.StandardCharsets; import java.util.Stack; import java.util.regex.Matcher; import java.util.regex.Pattern; @@ -33,8 +34,8 @@ import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.validator.routines.UrlValidator; import org.w3c.dom.Element; @@ -512,8 +513,7 @@ public String escapeHtmlFormattedTextSupressNewlines(String value) */ private String escapeHtmlFormattedText(String value, boolean supressNewlines) { - if (value == null) return ""; - if (value.length() == 0) return ""; + if (StringUtils.isEmpty(value)) return StringUtils.EMPTY; if (cleanUTF8) { value = removeSurrogates(value); } @@ -592,8 +592,8 @@ public String escapeHtml(String value, boolean escapeNewlines) { * they also depend on this handling a null input and converting it to null */ String val = ""; - if (value != null && !"".equals(value)) { - val = StringEscapeUtils.escapeHtml3(value); + if (StringUtils.isNotEmpty(value)){ + val = StringEscapeUtils.escapeHtml4(value); if (escapeNewlines && val != null) { val = val.replace("\n", "
\n"); } @@ -619,7 +619,7 @@ public void encodeFormattedTextAttribute(Element element, String baseAttributeNa public String encodeUnicode(String value) { // TODO call method in each process routine - if (value == null) return ""; + if (StringUtils.isEmpty(value)) return StringUtils.EMPTY; try { @@ -651,7 +651,7 @@ public String encodeUnicode(String value) catch (Exception e) { log.error("Validator.escapeHtml: ", e); - return ""; + return StringUtils.EMPTY; } } @@ -660,12 +660,8 @@ public String encodeUnicode(String value) */ public String unEscapeHtml(String value) { - if (value == null || value.equals("")) return ""; - value = value.replaceAll("<", "<"); - value = value.replaceAll(">", ">"); - value = value.replaceAll("&", "&"); - value = value.replaceAll(""", "\""); - return value; + if (StringUtils.isEmpty(value)) return StringUtils.EMPTY; + return StringEscapeUtils.unescapeHtml4(value); } /* (non-Javadoc) @@ -765,10 +761,8 @@ public String processAnchor(String anchor) { * @see org.sakaiproject.util.api.FormattedText#processEscapedHtml(java.lang.String) */ public String processEscapedHtml(final String source) { - if (source == null) - return ""; - if (source.equals("")) - return ""; + if (StringUtils.isEmpty(source)) + return StringUtils.EMPTY; String html = null; try { @@ -1057,7 +1051,7 @@ public String encodeUrlsAsHtml(String text) { } public String escapeJavascript(String value) { - if (value == null || "".equals(value)) return ""; + if (StringUtils.isEmpty(value)) return StringUtils.EMPTY; try { StringBuilder buf = new StringBuilder(); @@ -1115,7 +1109,7 @@ public String escapeUrl(String id) { try { // convert the string to bytes in UTF-8 - byte[] bytes = id.getBytes("UTF-8"); + byte[] bytes = id.getBytes(StandardCharsets.UTF_8.name()); StringBuilder buf = new StringBuilder(); for (int i = 0; i < bytes.length; i++) 
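Review bot: `unEscapeHtml` (hunk @@ -660) used to perform four fixed replacements and now decodes every HTML 4 named entity and numeric character reference through `unescapeHtml4`. A numeric reference for `<`, which previously passed through unchanged, now becomes a literal `<`. Callers that relied on the narrow behaviour and write the result back into a page should be checked. The Javadoc should state the new contract, e.g. `Decodes all HTML 4 entities and numeric references; the result must be re-escaped before it is emitted as HTML.` The Javadoc block sits above the hunk and only its closing line is visible.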
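Review bot: `id.getBytes(StandardCharsets.UTF_8.name())` in escapeUrl (hunk @@ -1115) still calls the String-named overload, so the charset is looked up by name and the checked `UnsupportedEncodingException` path remains. Passing the constant directly is the idiomatic form: `byte[] bytes = id.getBytes(StandardCharsets.UTF_8);`. The enclosing try block continues outside the hunk, so its catch clause may need adjusting if it names only that exception. The same line appears in Validator.escapeUrl later in this diff.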
diff --git a/kernel/kernel-util/src/main/java/org/sakaiproject/util/Validator.java b/kernel/kernel-util/src/main/java/org/sakaiproject/util/Validator.java index c46d14893771..ef0da5430982 100644 --- a/kernel/kernel-util/src/main/java/org/sakaiproject/util/Validator.java +++ b/kernel/kernel-util/src/main/java/org/sakaiproject/util/Validator.java @@ -22,12 +22,14 @@ package org.sakaiproject.util; import java.io.UnsupportedEncodingException; +import java.nio.charset.StandardCharsets; import java.net.URLEncoder; import java.util.Enumeration; import javax.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; import org.sakaiproject.component.cover.ServerConfigurationService; import org.sakaiproject.exception.IdInvalidException; @@ -152,7 +154,7 @@ public static String escapeHtmlFormattedTextarea(String value) */ public static String escapeJavascript(String value) { - if (value == null || "".equals(value)) return ""; + if (StringUtils.isEmpty(value)) return StringUtils.EMPTY; try { StringBuilder buf = new StringBuilder(); @@ -209,7 +211,7 @@ public static String escapeUrl(String id) try { // convert the string to bytes in UTF-8 - byte[] bytes = id.getBytes("UTF-8"); + byte[] bytes = id.getBytes(StandardCharsets.UTF_8.name()); StringBuilder buf = new StringBuilder(); for (int i = 0; i < bytes.length; i++) diff --git a/lessonbuilder/tool/opt-src/java/org/sakaiproject/lessonbuildertool/ccexport/Assignment2Export.java b/lessonbuilder/tool/opt-src/java/org/sakaiproject/lessonbuildertool/ccexport/Assignment2Export.java index db9c8cacc39b..ce9bf5ed0983 100644 --- a/lessonbuilder/tool/opt-src/java/org/sakaiproject/lessonbuildertool/ccexport/Assignment2Export.java +++ b/lessonbuilder/tool/opt-src/java/org/sakaiproject/lessonbuildertool/ccexport/Assignment2Export.java 
@@ -48,8 +48,6 @@ import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; - import org.w3c.dom.Document; import uk.org.ponder.messageutil.MessageLocator; diff --git a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/AssignmentExport.java b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/AssignmentExport.java index a93bbfe5eadf..867a117cc4f4 100644 --- a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/AssignmentExport.java +++ b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/AssignmentExport.java @@ -28,7 +28,7 @@ import java.util.List; import java.util.Set; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.assignment.api.AssignmentService; import org.sakaiproject.assignment.api.model.Assignment; import org.sakaiproject.component.cover.ComponentManager; @@ -299,11 +299,11 @@ static String outputAttachments(CCExport.Resource resource, Listattachme // assumption here is that if the user entered a URL, it's in valid syntax // if we generate it from file location, it needs to be escaped if (URL != null) { - out.append("
  • " + StringEscapeUtils.escapeHtml3(URL) + "\n"); + out.append("
  • " + StringEscapeUtils.escapeHtml4(URL) + "\n"); } else { URL = prefix + Validator.escapeUrl(location); // else it's in the normal site content URL = URL.replaceAll("//", "/"); - out.append("
  • " + StringEscapeUtils.escapeHtml3(lastAtom) + "
    \n"); + out.append("
  • " + StringEscapeUtils.escapeHtml4(lastAtom) + "
    \n"); bean.addDependency(resource, sakaiId); } } @@ -353,11 +353,11 @@ public boolean outputEntity2(String assignmentRef, ZipPrintStream out, PrintStre if (title == null || title.length() == 0) title = "Assignment"; - out.println(" " + StringEscapeUtils.escapeXml(title) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(title) + ""); if (useAttachments || attachments.size() == 0) out.println(" " + instructions + ""); else - out.println(" " + StringEscapeUtils.escapeXml("
    ") + instructions + StringEscapeUtils.escapeXml(outputAttachments(resource, attachments, bean, "$IMS-CC-FILEBASE$../") + "
    ") + "
    "); + out.println(" " + StringEscapeUtils.escapeXml11("
    ") + instructions + StringEscapeUtils.escapeXml11(outputAttachments(resource, attachments, bean, "$IMS-CC-FILEBASE$../") + "
    ") + "
    "); // spec requires an instructor text even though we don't normally have one. out.println(""); @@ -386,11 +386,11 @@ public boolean outputEntity2(String assignmentRef, ZipPrintStream out, PrintStre String lastAtom = sakaiId.substring(lastSlash + 1); if (URL != null) { - out.println(" "); + out.println(" "); } else { URL = "../" + location; // else it's in the normal site content URL = URL.replaceAll("//", "/"); - out.println(" "); + out.println(" "); bean.addDependency(resource, sakaiId); } } diff --git a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/BltiExport.java b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/BltiExport.java index 34abc06d2435..13fa146b71f3 100644 --- a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/BltiExport.java +++ b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/BltiExport.java @@ -21,7 +21,7 @@ import java.util.List; import java.util.Map; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.component.cover.ComponentManager; import org.sakaiproject.component.cover.ServerConfigurationService; import org.sakaiproject.lessonbuildertool.model.SimplePageToolDao; 
@@ -155,7 +155,7 @@ public boolean outputEntity(String bltiRef, ZipPrintStream out, PrintStream errS out.println(" xsi:schemaLocation = \"http://www.imsglobal.org/xsd/imslticc_v1p0 http://www.imsglobal.org/xsd/lti/ltiv1p0/imslticc_v1p0p1.xsd http://www.imsglobal.org/xsd/imsbasiclti_v1p0 http://www.imsglobal.org/xsd/lti/ltiv1p0/imsbasiclti_v1p0p1.xsd http://www.imsglobal.org/xsd/imslticm_v1p0 http://www.imsglobal.org/xsd/lti/ltiv1p0/imslticm_v1p0.xsd http://www.imsglobal.org/xsd/imslticp_v1p0 http://www.imsglobal.org/xsd/lti/ltiv1p0/imslticp_v1p0.xsd\">"); } - out.println(" " + StringEscapeUtils.escapeXml(title) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(title) + ""); if (custom.size() > 0) { out.println(" "); @@ -165,15 +165,15 @@ public boolean outputEntity(String bltiRef, ZipPrintStream out, PrintStream errS if (k >= 0) { String key = attr.substring(0, k).trim(); String value = attr.substring(k + 1).trim(); - out.println(" " + StringEscapeUtils.escapeXml(value) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(value) + ""); } } out.println(" "); } - out.println(" " + StringEscapeUtils.escapeXml(launch_url) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(launch_url) + ""); out.println(" "); - out.println(" " + StringEscapeUtils.escapeXml(ServerConfigurationService.getServerName()) + ""); - out.println(" " + StringEscapeUtils.escapeXml(ServerConfigurationService.getString("ui.institution", "Sakai")) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(ServerConfigurationService.getServerName()) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(ServerConfigurationService.getString("ui.institution", "Sakai")) + ""); out.println(" "); out.println(""); return true; diff --git a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/CCExport.java b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/CCExport.java index 40452d5df57b..3cf8321f6513 100644 
--- a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/CCExport.java +++ b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/CCExport.java @@ -54,7 +54,7 @@ import lombok.extern.slf4j.Slf4j; import org.apache.commons.io.IOUtils; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import uk.org.ponder.messageutil.MessageLocator; @@ -729,7 +729,7 @@ public SimplePageItem outputLessonPage(ZipPrintStream out, Long pageId, String t pagesDone.add(pageId); outputIndent(out, indent); out.println(""); - outputIndent(out, indent + 2); out.println("" + StringEscapeUtils.escapeXml(title) + ""); + outputIndent(out, indent + 2); out.println("" + StringEscapeUtils.escapeXml11(title) + ""); List items = simplePageToolDao.findItemsOnPage(pageId.longValue()); for (SimplePageItem item : items) { @@ -868,7 +868,7 @@ else if (!multiplenext) { else ititle = messageLocator.getMessage("simplepage.importcc-texttitle"); } - outputIndent(out, indent + 4); out.println("" + StringEscapeUtils.escapeXml(ititle) + ""); + outputIndent(out, indent + 4); out.println("" + StringEscapeUtils.escapeXml11(ititle) + ""); // output Sakai-specific information, if any outputItemMetadata(out, indent, item); outputIndent(out, indent + 2); out.println(""); @@ -948,7 +948,7 @@ public boolean outputManifest(ZipPrintStream out) { out.println(" "); out.println(" "); out.println(" "); - out.println(" " + StringEscapeUtils.escapeXml(title) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(title) + ""); out.println(" "); // out.println(" "); // out.println(" Sakai Export, including only files from site"); @@ -979,7 +979,7 @@ public boolean outputManifest(ZipPrintStream out) { out.println(" "); out.println(" "); out.println(" "); - out.println(" " + StringEscapeUtils.escapeXml(title) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(title) + ""); out.println(" "); out.println(" "); out.println(" "); 
@@ -988,7 +988,7 @@ public boolean outputManifest(ZipPrintStream out) { default: out.print( - "\n\n \n IMS Common Cartridge\n 1.2.0\n \n \n \n " + StringEscapeUtils.escapeXml(title) + "\n \n \n \n \n "); + "\n\n \n IMS Common Cartridge\n 1.2.0\n \n \n \n " + StringEscapeUtils.escapeXml11(title) + "\n \n \n \n \n "); } out.println(" "); @@ -1033,16 +1033,16 @@ public boolean outputManifest(ZipPrintStream out) { String type = "webcontent"; if (((Resource)entry.getValue()).islink) type = linkid; - out.println(" "); - out.println(" "); + out.println(" "); + out.println(" "); for (String d: entry.getValue().dependencies) out.println(" "); out.println(" "); } for (Map.Entry entry: samigoMap.entrySet()) { - out.println(" "); - out.println(" "); + out.println(" "); + out.println(" "); for (String d: entry.getValue().dependencies) out.println(" "); out.println(" "); @@ -1050,8 +1050,8 @@ public boolean outputManifest(ZipPrintStream out) { // question bank for (Map.Entry entry: poolMap.entrySet()) { - out.println(" "); - out.println(" "); + out.println(" "); + out.println(" "); for (String d: entry.getValue().dependencies) out.println(" "); out.println(" "); @@ -1059,8 +1059,8 @@ public boolean outputManifest(ZipPrintStream out) { for (Map.Entry entry: assignmentMap.entrySet()) { String variantId = null; - out.println(" "); - out.println(" "); + out.println(" "); + out.println(" "); for (String d: entry.getValue().dependencies) out.println(" "); if (version >= V13) { @@ -1074,8 +1074,8 @@ public boolean outputManifest(ZipPrintStream out) { // output the preferred version for 1.3 and up if (version >= V13) { String xmlHref = "cc-objects/" + entry.getValue().resourceId + ".xml"; - out.println(" "); - out.println(" "); + out.println(" "); + out.println(" "); for (String d: entry.getValue().dependencies) out.println(" "); out.println(" "); 
@@ -1083,16 +1083,16 @@ public boolean outputManifest(ZipPrintStream out) { } for (Map.Entry entry: forumsMap.entrySet()) { - out.println(" "); - out.println(" "); + out.println(" "); + out.println(" "); for (String d: entry.getValue().dependencies) out.println(" "); out.println(" "); } for (Map.Entry entry : this.bltiMap.entrySet()) { - out.println(" "); - out.println(" "); + out.println(" "); + out.println(" "); for (String d : ((Resource)entry.getValue()).dependencies) out.println(" "); out.println(" "); @@ -1132,8 +1132,8 @@ public boolean outputManifest(ZipPrintStream out) { out.println(""); - out.println(" " + StringEscapeUtils.escapeXml(res.title) + ""); - out.println(" "); + out.println(" " + StringEscapeUtils.escapeXml11(res.title) + ""); + out.println(" "); out.println(""); break; case V13: @@ -1141,8 +1141,8 @@ public boolean outputManifest(ZipPrintStream out) { out.println(""); - out.println(" " + StringEscapeUtils.escapeXml(res.title) + ""); - out.println(" "); + out.println(" " + StringEscapeUtils.escapeXml11(res.title) + ""); + out.println(" "); out.println(""); break; default: @@ -1150,8 +1150,8 @@ public boolean outputManifest(ZipPrintStream out) { out.println(""); - out.println(" " + StringEscapeUtils.escapeXml(res.title) + ""); - out.println(" "); + out.println(" " + StringEscapeUtils.escapeXml11(res.title) + ""); + out.println(" "); out.println(""); } } @@ -1317,7 +1317,7 @@ public String fixup (String s, Resource resource) { } } } - return StringEscapeUtils.escapeXml(ret.toString()); + return StringEscapeUtils.escapeXml11(ret.toString()); } // turns the links into relative links diff --git a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/ForumsExport.java b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/ForumsExport.java index 4ce7d416eaaf..4af6ddd4141c 100644 --- a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/ForumsExport.java 
+++ b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/ForumsExport.java @@ -28,7 +28,7 @@ import java.util.List; import java.util.Set; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.api.app.messageforums.Attachment; import org.sakaiproject.api.app.messageforums.DiscussionForum; import org.sakaiproject.api.app.messageforums.DiscussionTopic; @@ -263,7 +263,7 @@ public boolean outputEntity(String forumRef, ZipPrintStream out, PrintStream err default: out.println(""); } - out.println(" " + StringEscapeUtils.escapeXml(item.title) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(item.title) + ""); boolean useAttachments = (item.attachments.size() > 0); Listattachments = new ArrayList(); @@ -294,7 +294,7 @@ public boolean outputEntity(String forumRef, ZipPrintStream out, PrintStream err if (useAttachments || item.attachments.size() == 0 ) out.println(" " + text + ""); else - out.println(" " + text + StringEscapeUtils.escapeXml(AssignmentExport.outputAttachments(resource, attachments, bean, "$IMS-CC-FILEBASE$../")) + ""); + out.println(" " + text + StringEscapeUtils.escapeXml11(AssignmentExport.outputAttachments(resource, attachments, bean, "$IMS-CC-FILEBASE$../")) + ""); if (useAttachments) { out.println(" "); @@ -324,7 +324,7 @@ public boolean outputEntity(String forumRef, ZipPrintStream out, PrintStream err lastAtom = URL; // for URL use the whole URL for the text else { URL = "../" + bean.getLocation(physical); - URL = StringEscapeUtils.escapeXml(URL.replaceAll("//", "/")); + URL = StringEscapeUtils.escapeXml11(URL.replaceAll("//", "/")); } out.println(" "); bean.addDependency(resource, physical); diff --git a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/SamigoExport.java b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/SamigoExport.java index 0702f8eddb8a..fa4407433941 100644 
--- a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/SamigoExport.java +++ b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/ccexport/SamigoExport.java @@ -31,7 +31,7 @@ import java.util.List; import java.util.Set; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.lessonbuildertool.model.SimplePageToolDao; import org.sakaiproject.lessonbuildertool.service.LessonEntity; import org.sakaiproject.tool.assessment.data.ifc.assessment.AnswerIfc; @@ -176,7 +176,7 @@ public boolean outputEntity(String samigoId, ZipPrintStream out, PrintStream err out.println("xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xsi:schemaLocation=\"http://www.imsglobal.org/xsd/ims_qtiasiv1p2 http://www.imsglobal.org/profile/cc/ccv1p2/ccv1p2_qtiasiv1p2p1_v1p0.xsd\">"); } - out.println(" "); + out.println(" "); out.println("
    "); outputQuestions(publishedItemList, null, assessmentTitle, out, errStream, ccExport, resource, version); @@ -375,7 +375,7 @@ public int compare (Object o1, Object o2) { } } - out.println(" "); + out.println(" "); out.println(" "); out.println(" "); out.println(" "); @@ -623,9 +623,9 @@ public int compare (Object o1, Object o2) { } if (substr) - out.println(" " + StringEscapeUtils.escapeXml(answer) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(answer) + ""); else - out.println(" " + StringEscapeUtils.escapeXml(answer) + ""); + out.println(" " + StringEscapeUtils.escapeXml11(answer) + ""); } out.println(" "); diff --git a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/tool/producers/LinkTrackerProducer.java b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/tool/producers/LinkTrackerProducer.java index 69f536032f6d..d3fe079b20dc 100644 --- a/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/tool/producers/LinkTrackerProducer.java +++ b/lessonbuilder/tool/src/java/org/sakaiproject/lessonbuildertool/tool/producers/LinkTrackerProducer.java @@ -27,7 +27,7 @@ import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import uk.org.ponder.localeutil.LocaleGetter; import uk.org.ponder.messageutil.MessageLocator; diff --git a/lessonbuilder/tool/src/webapp/removePage.jsp b/lessonbuilder/tool/src/webapp/removePage.jsp index 2e5cbba7652b..86b86454771d 100644 --- a/lessonbuilder/tool/src/webapp/removePage.jsp +++ b/lessonbuilder/tool/src/webapp/removePage.jsp @@ -13,7 +13,7 @@ %><%@ page import="org.sakaiproject.event.cover.EventTrackingService" %><% %><%@ page import="org.sakaiproject.lessonbuildertool.api.LessonBuilderEvents" %><% %><%@ page import="org.sakaiproject.lessonbuildertool.SimplePage" %><% -%><%@ page import="org.apache.commons.lang.StringEscapeUtils" %> +%><%@ page import="org.apache.commons.text.StringEscapeUtils" %> 
@@ -46,7 +46,7 @@ try { site = SiteService.getSite(siteId); } catch (Exception e) { - out.println(StringEscapeUtils.escapeHtml(e.toString())); + out.println(StringEscapeUtils.escapeHtml4(e.toString())); return; } @@ -61,7 +61,7 @@ if (!(SecurityService.unlock(userId, SiteService.SECURE_UPDATE_SITE, siteReference) || SecurityService.isSuperUser())) { - out.println(StringEscapeUtils.escapeHtml("sorry, you aren't allowed to update this site " + userId + " " + siteReference)); + out.println(StringEscapeUtils.escapeHtml4("sorry, you aren't allowed to update this site " + userId + " " + siteReference)); return; } @@ -86,7 +86,7 @@ SitePage sitePage = site.getPage(simplePage.getToolId()); if (sitePage == null) { - out.println(StringEscapeUtils.escapeHtml("removePage can't find site page for " + simplePage.getPageId())); + out.println(StringEscapeUtils.escapeHtml4("removePage can't find site page for " + simplePage.getPageId())); return; } @@ -95,7 +95,7 @@ try { SiteService.save(site); } catch (Exception e) { - out.println(StringEscapeUtils.escapeHtml("removePage unable to save site " + e)); + out.println(StringEscapeUtils.escapeHtml4("removePage unable to save site " + e)); } EventTrackingService.post(EventTrackingService.newEvent(LessonBuilderEvents.PAGE_REMOVE, "/lessonbuilder/page/" + simplePage.getPageId(), true)); diff --git a/login/login-tool/tool/pom.xml b/login/login-tool/tool/pom.xml index 441afc056094..bb7a3e8bd7d9 100644 --- a/login/login-tool/tool/pom.xml +++ b/login/login-tool/tool/pom.xml @@ -44,6 +44,10 @@ jar provided + + org.apache.commons + commons-text + com.google.code.findbugs annotations diff --git a/login/login-tool/tool/src/java/org/sakaiproject/login/tool/SkinnableLogin.java b/login/login-tool/tool/src/java/org/sakaiproject/login/tool/SkinnableLogin.java index 1b6ca190dd36..48c6b3735bd2 100644 --- a/login/login-tool/tool/src/java/org/sakaiproject/login/tool/SkinnableLogin.java 
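Review bot: The catch block in the `@@ -46,7` hunk prints `e.toString()` into the response, which shows internal exception detail to whoever requested the page. Escaping makes the text safe to render but does not make it appropriate to show. Prefer a fixed message such as `out.println("removePage can't load the site");` and record the exception on the server side. The `@@ -95,7` hunk does the same with `"removePage unable to save site " + e`, and the `@@ -61,7` hunk echoes `userId` and `siteReference` in the denial message.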
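Review bot: In the `@@ -95,7` hunk the catch around `SiteService.save(site)` has no `return;`, so `EventTrackingService.post(... PAGE_REMOVE ...)` still runs when the save failed and the event trail records a removal that was never persisted. The error branches in the earlier hunks all end with `return;`. Add `return;` after the `out.println(...)` in this catch, or move the `post` call inside the `try` directly after `save`. The rest of the scriptlet is outside the hunk, so confirm nothing later relies on falling through.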
+++ b/login/login-tool/tool/src/java/org/sakaiproject/login/tool/SkinnableLogin.java @@ -36,7 +36,7 @@ import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; import org.sakaiproject.authz.api.AuthzGroupService; @@ -477,8 +477,8 @@ public LoginRenderContext startPageContext(String skin, HttpServletRequest reque rcontext.put("containerText", containerText); rcontext.put("loginContainerUrl", loginContainerUrl); - String eid = StringEscapeUtils.escapeHtml3(request.getParameter("eid")); - String pw = StringEscapeUtils.escapeHtml3(request.getParameter("pw")); + String eid = StringEscapeUtils.escapeHtml4(request.getParameter("eid")); + String pw = StringEscapeUtils.escapeHtml4(request.getParameter("pw")); if (eid == null) eid = ""; diff --git a/polls/tool/pom.xml b/polls/tool/pom.xml index 4399133b81d9..f66fe39a6cb2 100644 --- a/polls/tool/pom.xml +++ b/polls/tool/pom.xml @@ -45,7 +45,11 @@ org.apache.commons commons-lang3 - + + + org.apache.commons + commons-text + org.springframework spring-context diff --git a/polls/tool/src/java/org/sakaiproject/poll/tool/validators/OptionValidator.java b/polls/tool/src/java/org/sakaiproject/poll/tool/validators/OptionValidator.java index faca9bd97748..d50d9dfe8d55 100644 --- a/polls/tool/src/java/org/sakaiproject/poll/tool/validators/OptionValidator.java +++ b/polls/tool/src/java/org/sakaiproject/poll/tool/validators/OptionValidator.java @@ -22,7 +22,7 @@ package org.sakaiproject.poll.tool.validators; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.springframework.validation.Errors; import org.springframework.validation.Validator; 
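Review bot: `pw` is HTML-escaped at the moment it is read from the request, so from this line on the variable holds a display form of the password rather than the submitted value. If the escaped `eid` and `pw` are only placed in the render context to refill the login form, consider not echoing the password at all and escaping `eid` in the template. If either value is used for anything other than display, that use should read the raw parameter. Note also that `escapeHtml4` leaves `'` untouched, so the values are safe only in element content or double-quoted attributes. The rest of `startPageContext` is outside the hunk, so the actual use of both variables needs checking there.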
@@ -66,7 +66,7 @@ public void validate(Object obj, Errors errors) { String text = option.getText(); text = PollUtils.cleanupHtmlPtags(text); text = text.replace(" ", ""); - text = StringEscapeUtils.unescapeHtml3(text).trim(); + text = StringEscapeUtils.unescapeHtml4(text).trim(); log.debug("text to validate is: " + text); if (text.trim().length()==0) { log.debug("OptionText is empty! (after excaping html)"); diff --git a/portal/portal-chat/tool/pom.xml b/portal/portal-chat/tool/pom.xml index 916e00ecdfc2..e188b3497a8c 100644 --- a/portal/portal-chat/tool/pom.xml +++ b/portal/portal-chat/tool/pom.xml @@ -72,7 +72,11 @@ org.apache.commons commons-lang3 - + + + org.apache.commons + commons-text + diff --git a/portal/portal-chat/tool/src/java/org/sakaiproject/portal/chat/entity/PCServiceEntityProvider.java b/portal/portal-chat/tool/src/java/org/sakaiproject/portal/chat/entity/PCServiceEntityProvider.java index b2bc4a894fb0..7a79c98638bc 100644 --- a/portal/portal-chat/tool/src/java/org/sakaiproject/portal/chat/entity/PCServiceEntityProvider.java +++ b/portal/portal-chat/tool/src/java/org/sakaiproject/portal/chat/entity/PCServiceEntityProvider.java @@ -30,7 +30,7 @@ import java.util.concurrent.ConcurrentHashMap; import java.util.UUID; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.jgroups.Address; import org.jgroups.Channel; import org.jgroups.JChannel; diff --git a/portal/portal-impl/impl/pom.xml b/portal/portal-impl/impl/pom.xml index 9b9cfd42bf32..f89be9eb8eb6 100644 --- a/portal/portal-impl/impl/pom.xml +++ b/portal/portal-impl/impl/pom.xml @@ -146,6 +146,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + org.sakaiproject.lessonbuilder lessonbuilder-api 
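Review bot: `log.debug("text to validate is: " + text)` writes user-supplied option text into the log by string concatenation, right after it has been unescaped. Use the parameterised form `log.debug("text to validate is: {}", text);` so the string is built only when debug logging is on. The following `text.trim().length()==0` repeats the `trim()` already applied on the changed line and can be `text.isEmpty()`, and the message `after excaping html` should read `after unescaping html`. `validate` continues outside the hunk.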
diff --git a/portal/portal-impl/impl/src/java/org/sakaiproject/portal/charon/BufferedContentRenderResult.java b/portal/portal-impl/impl/src/java/org/sakaiproject/portal/charon/BufferedContentRenderResult.java index 077078003764..8e8fae621641 100644 --- a/portal/portal-impl/impl/src/java/org/sakaiproject/portal/charon/BufferedContentRenderResult.java +++ b/portal/portal-impl/impl/src/java/org/sakaiproject/portal/charon/BufferedContentRenderResult.java @@ -16,7 +16,7 @@ package org.sakaiproject.portal.charon; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.portal.render.api.RenderResult; import org.sakaiproject.portal.render.api.ToolRenderException; import org.sakaiproject.site.api.ToolConfiguration; diff --git a/portal/portal-impl/impl/src/java/org/sakaiproject/portal/charon/site/MoreSiteViewImpl.java b/portal/portal-impl/impl/src/java/org/sakaiproject/portal/charon/site/MoreSiteViewImpl.java index 221386a267bb..6c408ae3ed89 100644 --- a/portal/portal-impl/impl/src/java/org/sakaiproject/portal/charon/site/MoreSiteViewImpl.java +++ b/portal/portal-impl/impl/src/java/org/sakaiproject/portal/charon/site/MoreSiteViewImpl.java @@ -33,7 +33,7 @@ import javax.servlet.http.HttpServletRequest; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.component.api.ServerConfigurationService; import org.sakaiproject.entity.api.ResourceProperties; import org.sakaiproject.exception.IdUnusedException; @@ -337,7 +337,7 @@ public int compare(Map first, Map second) String secondTitle = (String) second.get("siteTitle"); if (firstTitle != null) - return StringEscapeUtils.unescapeHtml3(firstTitle).compareToIgnoreCase(StringEscapeUtils.unescapeHtml3(secondTitle)); + return StringEscapeUtils.unescapeHtml4(firstTitle).compareToIgnoreCase(StringEscapeUtils.unescapeHtml4(secondTitle)); return 0; 
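Review bot: The changed `return` in `compare` throws a NullPointerException when `firstTitle` is set but `secondTitle` is null, because `unescapeHtml4(null)` returns null and `compareToIgnoreCase` does not accept a null argument. Returning 0 whenever `firstTitle` is null also makes the ordering inconsistent, since a missing title then compares equal to every other title. A null-safe form is `return Comparator.nullsFirst(String.CASE_INSENSITIVE_ORDER).compare(StringEscapeUtils.unescapeHtml4(firstTitle), StringEscapeUtils.unescapeHtml4(secondTitle));`, assuming `java.util.Comparator` is imported in this file. The start of `compare` is outside the hunk.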
diff --git a/postem/postem-app/pom.xml b/postem/postem-app/pom.xml index b9474e8e289e..3db26f2e857c 100644 --- a/postem/postem-app/pom.xml +++ b/postem/postem-app/pom.xml @@ -107,6 +107,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + javax.servlet.jsp javax.servlet.jsp-api diff --git a/postem/postem-app/src/java/org/sakaiproject/tool/postem/PostemTool.java b/postem/postem-app/src/java/org/sakaiproject/tool/postem/PostemTool.java index a8180ee31610..f26fa021245f 100644 --- a/postem/postem-app/src/java/org/sakaiproject/tool/postem/PostemTool.java +++ b/postem/postem-app/src/java/org/sakaiproject/tool/postem/PostemTool.java @@ -39,7 +39,7 @@ import javax.faces.context.FacesContext; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.myfaces.shared_impl.util.MessageUtils; import org.sakaiproject.api.app.postem.data.Gradebook; @@ -281,7 +281,7 @@ public String getCurrentStudentGrades() { } if (currentStudent == null) { return "

    " + msgs.getFormattedMessage("no_grades_for_user", - new Object[]{StringEscapeUtils.escapeHtml3(currentGradebook.getTitle())}) + "

    "; + new Object[]{StringEscapeUtils.escapeHtml4(currentGradebook.getTitle())}) + "

    "; } return currentStudent.formatGrades(); @@ -294,7 +294,7 @@ public String getFirstStudentGrades() { Set students = currentGradebook.getStudents(); if (students.size() == 0) { return "

    " + msgs.getFormattedMessage("no_grades_in_gradebook", - new Object[]{StringEscapeUtils.escapeHtml3(currentGradebook.getTitle())}) + "

    "; + new Object[]{StringEscapeUtils.escapeHtml4(currentGradebook.getTitle())}) + "

    "; } if (currentGradebook.getFirstUploadedUsername() != null) { StudentGrades student = currentGradebook.studentGrades(currentGradebook.getFirstUploadedUsername()); @@ -312,7 +312,7 @@ public String getSelectedStudentGrades() { if (currentGradebook.getUsernames() == null || currentGradebook.getUsernames().isEmpty()) { return "

    " + msgs.getFormattedMessage("no_grades_in_gradebook", - new Object[]{StringEscapeUtils.escapeHtml3(currentGradebook.getTitle())}) + "

    "; + new Object[]{StringEscapeUtils.escapeHtml4(currentGradebook.getTitle())}) + "

    "; } if (selectedStudent == null || selectedStudent.equals("")) { diff --git a/postem/postem-hbm/pom.xml b/postem/postem-hbm/pom.xml index 12355b2ee082..f688bc087a2e 100644 --- a/postem/postem-hbm/pom.xml +++ b/postem/postem-hbm/pom.xml @@ -33,6 +33,10 @@ org.apache.commons commons-lang3
    + + org.apache.commons + commons-text + diff --git a/postem/postem-hbm/src/java/org/sakaiproject/component/app/postem/data/GradebookImpl.java b/postem/postem-hbm/src/java/org/sakaiproject/component/app/postem/data/GradebookImpl.java index 396586b61c69..d3c64a61ff73 100644 --- a/postem/postem-hbm/src/java/org/sakaiproject/component/app/postem/data/GradebookImpl.java +++ b/postem/postem-hbm/src/java/org/sakaiproject/component/app/postem/data/GradebookImpl.java @@ -35,7 +35,7 @@ import java.util.TreeMap; import java.util.TreeSet; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.api.app.postem.data.Gradebook; import org.sakaiproject.api.app.postem.data.StudentGrades; import org.sakaiproject.api.app.postem.data.Template; @@ -328,7 +328,7 @@ public String getHeadingsRow() { headingBuffer.append(";' >"); headingBuffer.append(current); headingBuffer.append("");*/ - headingBuffer.append("" + StringEscapeUtils.escapeHtml3(current) + ""); + headingBuffer.append("" + StringEscapeUtils.escapeHtml4(current) + ""); ii++; } /*StringBuilder newBuffer = new StringBuilder(); diff --git a/postem/postem-hbm/src/java/org/sakaiproject/component/app/postem/data/StudentGradesImpl.java b/postem/postem-hbm/src/java/org/sakaiproject/component/app/postem/data/StudentGradesImpl.java index f5667038cbb8..16fbb3c2a1d8 100644 --- a/postem/postem-hbm/src/java/org/sakaiproject/component/app/postem/data/StudentGradesImpl.java +++ b/postem/postem-hbm/src/java/org/sakaiproject/component/app/postem/data/StudentGradesImpl.java @@ -30,7 +30,7 @@ import java.util.Iterator; import java.util.List; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.sakaiproject.api.app.postem.data.Gradebook; import org.sakaiproject.api.app.postem.data.StudentGrades; import org.sakaiproject.api.app.postem.data.Template; 
@@ -168,28 +168,28 @@ public String formatGrades() { gradeBuffer.append(""); if (h2.size() != 0) { - gradeBuffer.append(""); Iterator ii = h2.iterator(); Iterator jj = grades.iterator(); while (ii.hasNext()) { gradeBuffer.append(""); } } else { gradeBuffer.append(""); Iterator jj = grades.iterator(); while (jj.hasNext()) { gradeBuffer.append(""); } } @@ -220,7 +220,7 @@ public String getGradesRow() { gradeBuffer.append(width); gradeBuffer.append(";' >");*/ gradeBuffer.append(""); ii++; } diff --git a/profile2/impl/pom.xml b/profile2/impl/pom.xml index db096716e15f..306ff0d0a4ee 100644 --- a/profile2/impl/pom.xml +++ b/profile2/impl/pom.xml @@ -52,7 +52,11 @@ org.apache.commons commons-lang3 - + + + org.apache.commons + commons-text + org.sakaiproject.genericdao generic-dao diff --git a/profile2/impl/src/java/org/sakaiproject/profile2/logic/SakaiProxyImpl.java b/profile2/impl/src/java/org/sakaiproject/profile2/logic/SakaiProxyImpl.java index a1f6de73b79a..964a1fedea43 100644 --- a/profile2/impl/src/java/org/sakaiproject/profile2/logic/SakaiProxyImpl.java +++ b/profile2/impl/src/java/org/sakaiproject/profile2/logic/SakaiProxyImpl.java @@ -25,7 +25,7 @@ import lombok.Setter; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; import org.sakaiproject.api.common.edu.person.SakaiPerson; @@ -705,7 +705,7 @@ private String formatMessage(final String subject, final String message) { sb.append(this.MIME_ADVISORY); sb.append(this.BOUNDARY_LINE); sb.append(this.PLAIN_TEXT_HEADERS); - sb.append(StringEscapeUtils.escapeHtml3(message)); + sb.append(StringEscapeUtils.escapeHtml4(message)); sb.append(this.BOUNDARY_LINE); sb.append(this.HTML_HEADERS); sb.append(htmlPreamble(subject)); diff --git a/profile2/tool/pom.xml b/profile2/tool/pom.xml index ef4b3908487b..cb76909e431e 100644 --- a/profile2/tool/pom.xml +++ b/profile2/tool/pom.xml 
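Review bot: In `formatMessage` the changed line HTML-escapes `message` directly after `PLAIN_TEXT_HEADERS`, which by its name introduces the plain-text part of the mail, so a recipient reading that part would see entities such as `&amp;` and `&lt;` instead of the original characters. Escaping has to match the output context: append the message as is in the plain-text part, `sb.append(message);`, and keep HTML escaping for the part that follows `HTML_HEADERS`. Whether `subject` is escaped inside `htmlPreamble(subject)` cannot be seen from this hunk and is worth confirming. The method starts and ends outside the hunk.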
@@ -36,6 +36,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + org.twitter4j twitter4j-core diff --git a/profile2/tool/src/java/org/sakaiproject/profile2/tool/entityprovider/ProfileEntityProvider.java b/profile2/tool/src/java/org/sakaiproject/profile2/tool/entityprovider/ProfileEntityProvider.java index 23e0c0d9daf3..eaa995e98a3b 100644 --- a/profile2/tool/src/java/org/sakaiproject/profile2/tool/entityprovider/ProfileEntityProvider.java +++ b/profile2/tool/src/java/org/sakaiproject/profile2/tool/entityprovider/ProfileEntityProvider.java @@ -26,7 +26,7 @@ import lombok.Setter; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; import org.sakaiproject.entitybroker.EntityReference; import org.sakaiproject.entitybroker.EntityView; @@ -496,7 +496,7 @@ private String getUserProfileAsHTML(UserProfile userProfile, String siteId, bool String displayName = userProfile.getDisplayName(); if(StringUtils.isNotBlank(displayName)) { sb.append("
    "); - sb.append(StringEscapeUtils.escapeHtml3(displayName)); + sb.append(StringEscapeUtils.escapeHtml4(displayName)); sb.append("
    "); } @@ -505,7 +505,7 @@ private String getUserProfileAsHTML(UserProfile userProfile, String siteId, bool String message = userProfile.getStatus().getMessage(); if(StringUtils.isNotBlank(message)) { sb.append("
    "); - sb.append(StringEscapeUtils.escapeHtml3(message)); + sb.append(StringEscapeUtils.escapeHtml4(message)); sb.append("
    "); } @@ -556,7 +556,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.nickname")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(nickname).toString()); + sb.append(StringEscapeUtils.escapeHtml4(nickname).toString()); sb.append(""); } if(StringUtils.isNotBlank(userProfile.getPersonalSummary())) { @@ -637,7 +637,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.position")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(position)); + sb.append(StringEscapeUtils.escapeHtml4(position)); sb.append(""); } @@ -647,7 +647,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.department")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(department)); + sb.append(StringEscapeUtils.escapeHtml4(department)); sb.append(""); } @@ -657,7 +657,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.school")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(school)); + sb.append(StringEscapeUtils.escapeHtml4(school)); sb.append(""); } @@ -667,7 +667,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.room")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(room)); + sb.append(StringEscapeUtils.escapeHtml4(room)); sb.append(""); } @@ -677,7 +677,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.course")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(course)); + sb.append(StringEscapeUtils.escapeHtml4(course)); sb.append(""); } 
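Review bot: `StringEscapeUtils.escapeHtml4(nickname).toString()` in the `@@ -556,7` hunk calls `toString()` on a value that is already a `String`; `sb.append(StringEscapeUtils.escapeHtml4(nickname));` matches how the other fields are written. More generally, `getUserProfileAsHTML` escapes each profile field by hand in more than a dozen places, so a small private helper that appends a label and an escaped value would make a missed escape much harder to introduce. The hunk ends at the `getPersonalSummary()` branch, whose output is outside the hunk; confirm that value is sanitised before it is appended.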
@@ -687,7 +687,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.subjects")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(subjects)); + sb.append(StringEscapeUtils.escapeHtml4(subjects)); sb.append(""); } @@ -699,7 +699,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.favouriteBooks")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(favouriteBooks)); + sb.append(StringEscapeUtils.escapeHtml4(favouriteBooks)); sb.append(""); } @@ -709,7 +709,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.favouriteTvShows")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(favouriteTvShows)); + sb.append(StringEscapeUtils.escapeHtml4(favouriteTvShows)); sb.append(""); } @@ -719,7 +719,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.favouriteMovies")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(favouriteMovies)); + sb.append(StringEscapeUtils.escapeHtml4(favouriteMovies)); sb.append(""); } @@ -729,7 +729,7 @@ else if(connectionStatus == ProfileConstants.CONNECTION_INCOMING) { sb.append(""); sb.append(Messages.getString("Label.favouriteQuotes")); sb.append(""); - sb.append(StringEscapeUtils.escapeHtml3(favouriteQuotes)); + sb.append(StringEscapeUtils.escapeHtml4(favouriteQuotes)); sb.append(""); } diff --git a/profile2/util/src/java/org/sakaiproject/profile2/util/ProfileUtils.java b/profile2/util/src/java/org/sakaiproject/profile2/util/ProfileUtils.java index 6798ffd61245..55b5f5f70114 100644 --- a/profile2/util/src/java/org/sakaiproject/profile2/util/ProfileUtils.java +++ b/profile2/util/src/java/org/sakaiproject/profile2/util/ProfileUtils.java 
@@ -39,7 +39,7 @@ import javax.imageio.ImageIO; import org.apache.commons.codec.digest.DigestUtils; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.time.DateUtils; import org.apache.commons.text.WordUtils; @@ -429,7 +429,7 @@ public static String stripAndCleanHtml(String s) { String stripped = FormattedText.convertFormattedTextToPlaintext(s); //so we escape anything that is left - return StringEscapeUtils.escapeHtml3(stripped); + return StringEscapeUtils.escapeHtml4(stripped); } /** diff --git a/rubrics/impl/pom.xml b/rubrics/impl/pom.xml index 04135d33b4b0..ecd42d16c234 100644 --- a/rubrics/impl/pom.xml +++ b/rubrics/impl/pom.xml @@ -92,6 +92,10 @@ org.apache.commons commons-lang3
    + + org.apache.commons + commons-text + org.springframework.data spring-data-jpa diff --git a/rubrics/impl/src/main/java/org/sakaiproject/rubrics/logic/RubricsServiceImpl.java b/rubrics/impl/src/main/java/org/sakaiproject/rubrics/logic/RubricsServiceImpl.java index 957ab43634f6..c9ebad7f02c9 100644 --- a/rubrics/impl/src/main/java/org/sakaiproject/rubrics/logic/RubricsServiceImpl.java +++ b/rubrics/impl/src/main/java/org/sakaiproject/rubrics/logic/RubricsServiceImpl.java @@ -52,7 +52,7 @@ import lombok.Getter; import lombok.Setter; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; import org.joda.time.DateTime; import org.sakaiproject.authz.api.AuthzGroupService; diff --git a/rwiki/rwiki-impl/impl/pom.xml b/rwiki/rwiki-impl/impl/pom.xml index 460459f7d3be..ae5145221407 100644 --- a/rwiki/rwiki-impl/impl/pom.xml +++ b/rwiki/rwiki-impl/impl/pom.xml @@ -87,6 +87,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + commons-collections commons-collections diff --git a/rwiki/rwiki-impl/impl/src/java/uk/ac/cam/caret/sakai/rwiki/component/service/impl/XSLTEntityHandler.java b/rwiki/rwiki-impl/impl/src/java/uk/ac/cam/caret/sakai/rwiki/component/service/impl/XSLTEntityHandler.java index 260d589564db..79a2a5c59e00 100644 --- a/rwiki/rwiki-impl/impl/src/java/uk/ac/cam/caret/sakai/rwiki/component/service/impl/XSLTEntityHandler.java +++ b/rwiki/rwiki-impl/impl/src/java/uk/ac/cam/caret/sakai/rwiki/component/service/impl/XSLTEntityHandler.java @@ -44,7 +44,7 @@ import javax.xml.transform.sax.TransformerHandler; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.xml.serializer.OutputPropertiesFactory; import org.apache.xml.serializer.Serializer; import org.apache.xml.serializer.SerializerFactory; 
@@ -536,7 +536,7 @@ public void renderToXML(RWikiObject rwo, final ContentHandler ch, boolean withBr * ensure all page content is escaped or double escaped before it goes into the parser, * if this is not done then the parser will unescape html entities during processing */ - renderedPage = "" + (escapeXML ? StringEscapeUtils.escapeXml(renderedPage) : renderedPage) //$NON-NLS-1$ + renderedPage = "" + (escapeXML ? StringEscapeUtils.escapeXml11(renderedPage) : renderedPage) //$NON-NLS-1$ + ""; //$NON-NLS-1$ diff --git a/samigo/samigo-services/src/java/org/sakaiproject/tool/assessment/integration/helper/integrated/GradebookServiceHelperImpl.java b/samigo/samigo-services/src/java/org/sakaiproject/tool/assessment/integration/helper/integrated/GradebookServiceHelperImpl.java index b8fbed01dfce..1e713df54bda 100644 --- a/samigo/samigo-services/src/java/org/sakaiproject/tool/assessment/integration/helper/integrated/GradebookServiceHelperImpl.java +++ b/samigo/samigo-services/src/java/org/sakaiproject/tool/assessment/integration/helper/integrated/GradebookServiceHelperImpl.java @@ -21,7 +21,7 @@ import java.util.Map; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.math3.util.Precision; import org.sakaiproject.exception.IdUnusedException; import org.sakaiproject.service.gradebook.shared.GradebookExternalAssessmentService; @@ -188,7 +188,7 @@ public boolean addToGradebook(PublishedAssessmentData publishedAssessment, Long if (g.isGradebookDefined(gradebookUId)) { - String title = StringEscapeUtils.unescapeHtml3(publishedAssessment.getTitle()); + String title = StringEscapeUtils.unescapeHtml4(publishedAssessment.getTitle()); if(!g.isAssignmentDefined(gradebookUId, title)) { g.addExternalAssessment(gradebookUId, diff --git a/search/elasticsearch/impl/pom.xml b/search/elasticsearch/impl/pom.xml index 7abd14f072d8..89619684ed37 100644 
--- a/search/elasticsearch/impl/pom.xml +++ b/search/elasticsearch/impl/pom.xml @@ -76,6 +76,11 @@ commons-lang3 provided + + org.apache.commons + commons-text + provided + org.springframework spring-core diff --git a/search/elasticsearch/impl/src/java/org/sakaiproject/search/elasticsearch/ElasticSearchResult.java b/search/elasticsearch/impl/src/java/org/sakaiproject/search/elasticsearch/ElasticSearchResult.java index 0ce1e984e1f6..f2a8a2d8fc1a 100644 --- a/search/elasticsearch/impl/src/java/org/sakaiproject/search/elasticsearch/ElasticSearchResult.java +++ b/search/elasticsearch/impl/src/java/org/sakaiproject/search/elasticsearch/ElasticSearchResult.java @@ -22,7 +22,7 @@ import java.util.Map; import org.apache.commons.codec.binary.Base64; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.lucene.analysis.Analyzer; import org.apache.lucene.analysis.TokenStream; import org.apache.lucene.analysis.core.StopAnalyzer; @@ -201,16 +201,16 @@ public void toXMLString(StringBuilder sb) { sb.append(""); + sb.append(" tool=\"").append(StringEscapeUtils.escapeXml11(getTool())).append("\" "); + sb.append(" url=\"").append(StringEscapeUtils.escapeXml11(getUrl())).append("\" />"); } @Override diff --git a/search/elasticsearch/impl/src/java/org/sakaiproject/search/elasticsearch/ElasticSearchService.java b/search/elasticsearch/impl/src/java/org/sakaiproject/search/elasticsearch/ElasticSearchService.java index ac168b8a5358..b13c4cc4c7c5 100644 --- a/search/elasticsearch/impl/src/java/org/sakaiproject/search/elasticsearch/ElasticSearchService.java +++ b/search/elasticsearch/impl/src/java/org/sakaiproject/search/elasticsearch/ElasticSearchService.java 
@@ -35,7 +35,7 @@ import java.util.function.Consumer; import java.util.stream.Collectors; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.elasticsearch.action.admin.cluster.node.info.NodeInfo; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest; import org.elasticsearch.action.admin.cluster.node.info.NodesInfoResponse; @@ -507,15 +507,15 @@ public String searchXML(Map parameterMap) { sb.append(""); //$NON-NLS-1$ sb.append(""); //$NON-NLS-1$ sb.append(""); //$NON-NLS-1$ sb.append(""); //$NON-NLS-1$ sb.append(""); //$NON-NLS-1$ diff --git a/simple-rss-portlet/pom.xml b/simple-rss-portlet/pom.xml index b27f55f63caa..22efe5486091 100644 --- a/simple-rss-portlet/pom.xml +++ b/simple-rss-portlet/pom.xml @@ -57,6 +57,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + commons-io commons-io diff --git a/simple-rss-portlet/src/main/java/au/edu/anu/portal/portlets/rss/SimpleRSSPortlet.java b/simple-rss-portlet/src/main/java/au/edu/anu/portal/portlets/rss/SimpleRSSPortlet.java index f8a6554bd774..efa80c334ba8 100644 --- a/simple-rss-portlet/src/main/java/au/edu/anu/portal/portlets/rss/SimpleRSSPortlet.java +++ b/simple-rss-portlet/src/main/java/au/edu/anu/portal/portlets/rss/SimpleRSSPortlet.java @@ -36,7 +36,7 @@ import com.sun.syndication.feed.synd.SyndFeed; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.apache.commons.lang3.StringUtils; import au.edu.anu.portal.portlets.rss.model.Attachment; 
@@ -222,7 +222,7 @@ public void processAction(ActionRequest request, ActionResponse response) throws boolean success = true; //get prefs and submitted values PortletPreferences prefs = request.getPreferences(); - String portletTitle = StringEscapeUtils.escapeHtml3(StringUtils.trim(request.getParameter("portletTitle"))); + String portletTitle = StringEscapeUtils.escapeHtml4(StringUtils.trim(request.getParameter("portletTitle"))); String maxItems = StringUtils.trim(request.getParameter("maxItems")); String feedUrl = StringUtils.trim(request.getParameter("feedUrl")); diff --git a/sitestats/sitestats-impl/pom.xml b/sitestats/sitestats-impl/pom.xml index f6c2248c2f90..325a2b88c29a 100644 --- a/sitestats/sitestats-impl/pom.xml +++ b/sitestats/sitestats-impl/pom.xml @@ -169,6 +169,10 @@ org.apache.commons commons-lang3 + + org.apache.commons + commons-text + commons-digester commons-digester diff --git a/sitestats/sitestats-impl/src/java/org/sakaiproject/sitestats/impl/StatsManagerImpl.java b/sitestats/sitestats-impl/src/java/org/sakaiproject/sitestats/impl/StatsManagerImpl.java index 8b301cf5bfa4..0eb218c01794 100644 --- a/sitestats/sitestats-impl/src/java/org/sakaiproject/sitestats/impl/StatsManagerImpl.java +++ b/sitestats/sitestats-impl/src/java/org/sakaiproject/sitestats/impl/StatsManagerImpl.java @@ -39,7 +39,7 @@ import lombok.Setter; import org.apache.commons.digester.Digester; -import org.apache.commons.lang3.StringEscapeUtils; +import org.apache.commons.text.StringEscapeUtils; import org.hibernate.Criteria; import org.hibernate.Query; import org.hibernate.criterion.Expression; @@ -601,7 +601,7 @@ public String getResourceURL(String ref){ } Reference r = entityManager.newReference(ref); if(r != null) { - return StringEscapeUtils.escapeHtml3(r.getUrl()); + return StringEscapeUtils.escapeHtml4(r.getUrl()); }else{ return null; }
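Review bot: `portletTitle` is HTML-escaped when it is read from the request in `processAction`. If it is then saved to the portlet preferences, the stored value is the escaped form, and any view that escapes on output will show entities such as `&amp;amp;` to the user. Storing the trimmed raw value, `String portletTitle = StringUtils.trim(request.getParameter("portletTitle"));`, and escaping where the title is rendered keeps the encoding tied to the output context. `feedUrl` on the last line of the hunk is taken from the request with only `trim`; the code that validates and fetches it is outside the hunk, so check there that the scheme and host are restricted.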
    " + StringEscapeUtils.escapeHtml3(h2.get(0).toString()) + ""); + gradeBuffer.append("
    " + StringEscapeUtils.escapeHtml4(h2.get(0).toString()) + ""); h2.remove(0); - gradeBuffer.append(StringEscapeUtils.escapeHtml3(getUsername())); + gradeBuffer.append(StringEscapeUtils.escapeHtml4(getUsername())); gradeBuffer.append("
    "); - gradeBuffer.append(StringEscapeUtils.escapeHtml3((String) ii.next())); + gradeBuffer.append(StringEscapeUtils.escapeHtml4((String) ii.next())); gradeBuffer.append(""); - gradeBuffer.append(StringEscapeUtils.escapeHtml3((String) jj.next())); + gradeBuffer.append(StringEscapeUtils.escapeHtml4((String) jj.next())); gradeBuffer.append("
    "); - gradeBuffer.append(StringEscapeUtils.escapeHtml3(getUsername())); + gradeBuffer.append(StringEscapeUtils.escapeHtml4(getUsername())); gradeBuffer.append("
    "); - gradeBuffer.append(StringEscapeUtils.escapeHtml3((String) jj.next())); + gradeBuffer.append(StringEscapeUtils.escapeHtml4((String) jj.next())); gradeBuffer.append("
    "); - gradeBuffer.append(StringEscapeUtils.escapeHtml3(current)); + gradeBuffer.append(StringEscapeUtils.escapeHtml4(current)); gradeBuffer.append("