Files

amic 6c162b2e93 Fix xss vulnerability (#924 )

* Fix XSS vulnerability for Distribution Set and Software Module field
* Fix XSS vulnerability for Artifact Details of header in Upload view
* Fix XSS vulnerability in Distribution View Software Module box show artifact details window and fix SonarQube issue
* Fix XSS vulnerability in Upload View Software Module field manage metadata
* Fix XSS vulnerability for Notifications when creating or deleting new or existing Distributions or Software Modules plus adapting error notifications when trying to duplicate
* Fix XSS vulnerability for Distributions View when assigning sm to dist confirmation popup text
* Fix XSS vulnerability for Distributions View modules tab of distribution value of SoftwareModule
* Fix XSS vulnerability for Deployment View assigned tab of target which has risky distribution assigned
* Fix XSS vulnerability in Deployment view action history (of) field and eliminate bugs
* Fix XSS vulnerability bug in Deployment View Action history of field
* Fix XSS vulnerability for Distributions View Module tab as it rendered tool tip
* Fix XSS vulnerability formatting
* Invented some IDs to ease testing regarding XSS vulnerability
* Fix XSS peer review findings
* Fix XSS vulnerability for Distribution Set and Software Module field
* Resolve merge conflicts

Signed-off-by: Ammar Bikic <ammar.bikic@bosch-si.com>

2020-01-27 14:41:07 +01:00

src

Fix xss vulnerability (#924 )

2020-01-27 14:41:07 +01:00

.gitignore

Remove and Rename modules

2016-05-18 13:48:04 +02:00

pom.xml

List of CQs updated

2020-01-16 12:04:12 +01:00

README.md

Remove and Rename modules

2016-05-18 13:48:04 +02:00

README.md

hawkBit User Interface

The hawkBit user interface is based on the Vaadin and Vaadin-Spring framework and allows to manage software updates and large scale roll-outs via a user interface.

Debugging client-side code

Debug using SuperDevMode

The SuperDevMode can be used to debug client side code without any browser plugin.

Using SuperDevMode with chrome :

Add required maven dependencies
- Add vaadin-client-compiler dependency
- Add jetty dependencies (version : 8.1x)
Set redirect property in the AppWidgetSet.gwt.xml module descriptor as follows
- < set-configuration-property name="devModeRedirectEnabled" value="true" />
Create launch configuration for the SuperDevMode
- The main class to execute should be com.google.gwt.dev.codeserver.CodeServer.
- Add fully-qualified class name of widgetset (org.eclipse.hawkbit.ui.AppWidgetSet) as parameter
Enable debug in chrome
- Chrome inspector window ▸ Click on settings icon ▸ Scripts ▸ Enable source maps option
Run the SuperDevMode Code Server with the launch configuration created above
Open http://localhost:8080/UI/?debug .Click on "SuperDev" button in debug console (Alternatively can directly add ?superdevmode parameter to URL)
Widgetset is compiled and you can see the java code files loaded in 'Chrome inspector window ▸ Source tab'

Using SuperDevMode with Eclipse :

Install the plugin from http://sdbg.github.io/p2
Start the server and Super Dev Mode as mentioned above
Create a new launch configuration in Eclipse
- Type is "Launch Chrome"
- http://localhost:8080/UI/?superdevmode
Launch the new configuration in debug mode
Now breakpoints in eclipse can be set