From eb816d59fed219158457cb8f1c4182f06fb3bc67 Mon Sep 17 00:00:00 2001 From: epuzanov Date: Mon, 25 Mar 2024 13:33:36 +0100 Subject: [PATCH 1/2] Validate the code comments field HTML syntax --- .../java/gsrs/module/substance/utils/HtmlUtil.java | 2 +- .../utils/validation/validators/CodesValidator.java | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/gsrs-module-substances-core/src/main/java/gsrs/module/substance/utils/HtmlUtil.java b/gsrs-module-substances-core/src/main/java/gsrs/module/substance/utils/HtmlUtil.java index 6a4c5a512..33c051a42 100644 --- a/gsrs-module-substances-core/src/main/java/gsrs/module/substance/utils/HtmlUtil.java +++ b/gsrs-module-substances-core/src/main/java/gsrs/module/substance/utils/HtmlUtil.java @@ -20,7 +20,7 @@ * Created by epuzanov on 7/25/22. */ public final class HtmlUtil { - private static final Set safetags = Stream.of("i", "small", "sub", "sup").collect(Collectors.toSet()); + private static final Set safetags = Stream.of("br", "i", "small", "sub", "sup").collect(Collectors.toSet()); private static class TruncateVisitor implements NodeVisitor { private int maxLen = 0; private Element dst; diff --git a/gsrs-module-substances-core/src/main/java/ix/ginas/utils/validation/validators/CodesValidator.java b/gsrs-module-substances-core/src/main/java/ix/ginas/utils/validation/validators/CodesValidator.java index cbb8399ef..9e44acf54 100644 --- a/gsrs-module-substances-core/src/main/java/ix/ginas/utils/validation/validators/CodesValidator.java +++ b/gsrs-module-substances-core/src/main/java/ix/ginas/utils/validation/validators/CodesValidator.java @@ -3,6 +3,7 @@ import gsrs.module.substance.repository.ReferenceRepository; import gsrs.module.substance.repository.SubstanceRepository; +import gsrs.module.substance.utils.HtmlUtil; import ix.core.models.Keyword; import ix.core.util.LogUtil; import ix.core.validator.GinasProcessingMessage; @@ -119,6 +120,16 @@ public void validate(Substance s, Substance objold, ValidatorCallback callback) callback.addMessage(mes); } + if(!HtmlUtil.isValid(cd.comments)) { + cd.comments=HtmlUtil.clean(cd.comments, "UTF-8"); + GinasProcessingMessage mes = GinasProcessingMessage + .WARNING_MESSAGE( + "Code '%s'[%s] code text: %s contains one or more forbidden html tags that will be removed", + cd.code, cd.codeSystem, cd.comments) + .appliableChange(true); + callback.addMessage(mes); + } + } catch (Exception e) { e.printStackTrace(); } From 942bedb9165154c878219b379ec779cc429a4781 Mon Sep 17 00:00:00 2001 From: Hu Date: Thu, 11 Apr 2024 13:32:28 -0400 Subject: [PATCH 2/2] add checking for null --- .../ix/ginas/utils/validation/validators/CodesValidator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gsrs-module-substances-core/src/main/java/ix/ginas/utils/validation/validators/CodesValidator.java b/gsrs-module-substances-core/src/main/java/ix/ginas/utils/validation/validators/CodesValidator.java index 9e44acf54..837092c31 100644 --- a/gsrs-module-substances-core/src/main/java/ix/ginas/utils/validation/validators/CodesValidator.java +++ b/gsrs-module-substances-core/src/main/java/ix/ginas/utils/validation/validators/CodesValidator.java @@ -120,7 +120,7 @@ public void validate(Substance s, Substance objold, ValidatorCallback callback) callback.addMessage(mes); } - if(!HtmlUtil.isValid(cd.comments)) { + if(cd.comments!=null && !cd.comments.isEmpty() && !HtmlUtil.isValid(cd.comments)) { cd.comments=HtmlUtil.clean(cd.comments, "UTF-8"); GinasProcessingMessage mes = GinasProcessingMessage .WARNING_MESSAGE(