From e7883877a98dfcae3f75f1c1a562120d89aed22a Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 09 Feb 2012 08:33:16 -0500
Subject: [PATCH] Fixed session fixation vulnerability (issue 62)

---
 src/com/gitblit/wicket/pages/MetricsPage.java |   17 +++++++++++------
 1 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/MetricsPage.java b/src/com/gitblit/wicket/pages/MetricsPage.java
index 4d0cd4c..8fce27a 100644
--- a/src/com/gitblit/wicket/pages/MetricsPage.java
+++ b/src/com/gitblit/wicket/pages/MetricsPage.java
@@ -40,6 +40,7 @@
 
 import com.gitblit.models.Metric;
 import com.gitblit.utils.MetricUtils;
+import com.gitblit.utils.StringUtils;
 import com.gitblit.utils.TimeUtils;
 import com.gitblit.wicket.WicketUtils;
 
@@ -48,7 +49,11 @@
 	public MetricsPage(PageParameters params) {
 		super(params);
 		Repository r = getRepository();
-		add(new Label("branchTitle", objectId));
+		if (StringUtils.isEmpty(objectId)) {
+			add(new Label("branchTitle", getRepositoryModel().HEAD));
+		} else {
+			add(new Label("branchTitle", objectId));
+		}
 		Metric metricsTotal = null;
 		List<Metric> metrics = MetricUtils.getDateMetrics(r, objectId, true, null);
 		metricsTotal = metrics.remove(0);
@@ -68,7 +73,7 @@
 		if ((metrics != null) && (metrics.size() > 0)) {
 			IChartData data = WicketUtils.getChartData(metrics);
 
-			ChartProvider provider = new ChartProvider(new Dimension(500, 100), ChartType.LINE,
+			ChartProvider provider = new ChartProvider(new Dimension(400, 100), ChartType.LINE,
 					data);
 			ChartAxis dateAxis = new ChartAxis(ChartAxisType.BOTTOM);
 			dateAxis.setLabels(new String[] { metrics.get(0).name,
@@ -93,7 +98,7 @@
 		if ((metrics != null) && (metrics.size() > 0)) {
 			IChartData data = WicketUtils.getChartData(metrics);
 
-			ChartProvider provider = new ChartProvider(new Dimension(500, 100),
+			ChartProvider provider = new ChartProvider(new Dimension(400, 100),
 					ChartType.BAR_VERTICAL_SET, data);
 			ChartAxis dateAxis = new ChartAxis(ChartAxisType.BOTTOM);
 			List<String> labels = new ArrayList<String>();
@@ -121,7 +126,7 @@
 			for (Metric metric : metrics) {
 				labels.add(metric.name);
 			}
-			ChartProvider provider = new ChartProvider(new Dimension(500, 200), ChartType.PIE, data);
+			ChartProvider provider = new ChartProvider(new Dimension(800, 200), ChartType.PIE, data);
 			provider.setPieLabels(labels.toArray(new String[labels.size()]));
 			add(new Chart(wicketId, provider));
 		} else {
@@ -134,7 +139,7 @@
 		SimpleDateFormat sdf = new SimpleDateFormat("E");
 		Calendar cal = Calendar.getInstance();
 
-		List<Metric> sorted = new ArrayList<Metric>(7);
+		List<Metric> sorted = new ArrayList<Metric>();
 		int firstDayOfWeek = cal.getFirstDayOfWeek();
 		int dayOfWeek = cal.get(Calendar.DAY_OF_WEEK);
 
@@ -144,7 +149,7 @@
 			String day = sdf.format(cal.getTime());
 			for (Metric metric : list) {
 				if (metric.name.equals(day)) {
-					sorted.add(i, metric);
+					sorted.add(metric);
 					list.remove(metric);
 					break;
 				}

--
Gitblit v1.9.1