From e7883877a98dfcae3f75f1c1a562120d89aed22a Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 09 Feb 2012 08:33:16 -0500
Subject: [PATCH] Fixed session fixation vulnerability (issue 62)

---
 src/com/gitblit/wicket/pages/MetricsPage.java |   27 ++++++++++++++++-----------
 1 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/MetricsPage.java b/src/com/gitblit/wicket/pages/MetricsPage.java
index 9dd10d1..8fce27a 100644
--- a/src/com/gitblit/wicket/pages/MetricsPage.java
+++ b/src/com/gitblit/wicket/pages/MetricsPage.java
@@ -40,24 +40,29 @@
 
 import com.gitblit.models.Metric;
 import com.gitblit.utils.MetricUtils;
+import com.gitblit.utils.StringUtils;
 import com.gitblit.utils.TimeUtils;
 import com.gitblit.wicket.WicketUtils;
 
 public class MetricsPage extends RepositoryPage {
 
 	public MetricsPage(PageParameters params) {
-		super(params);				
+		super(params);
 		Repository r = getRepository();
-		add(new Label("branchTitle", objectId));
+		if (StringUtils.isEmpty(objectId)) {
+			add(new Label("branchTitle", getRepositoryModel().HEAD));
+		} else {
+			add(new Label("branchTitle", objectId));
+		}
 		Metric metricsTotal = null;
 		List<Metric> metrics = MetricUtils.getDateMetrics(r, objectId, true, null);
 		metricsTotal = metrics.remove(0);
 		if (metricsTotal == null) {
-			add(new Label("branchStats", ""));			
+			add(new Label("branchStats", ""));
 		} else {
-			add(new Label("branchStats", MessageFormat.format(
-					"{0} commits and {1} tags in {2}", metricsTotal.count, metricsTotal.tag,
-					TimeUtils.duration(metricsTotal.duration))));
+			add(new Label("branchStats",
+					MessageFormat.format("{0} commits and {1} tags in {2}", metricsTotal.count,
+							metricsTotal.tag, TimeUtils.duration(metricsTotal.duration))));
 		}
 		insertLinePlot("commitsChart", metrics);
 		insertBarPlot("dayOfWeekChart", getDayOfWeekMetrics(r, objectId));
@@ -68,7 +73,7 @@
 		if ((metrics != null) && (metrics.size() > 0)) {
 			IChartData data = WicketUtils.getChartData(metrics);
 
-			ChartProvider provider = new ChartProvider(new Dimension(500, 100), ChartType.LINE,
+			ChartProvider provider = new ChartProvider(new Dimension(400, 100), ChartType.LINE,
 					data);
 			ChartAxis dateAxis = new ChartAxis(ChartAxisType.BOTTOM);
 			dateAxis.setLabels(new String[] { metrics.get(0).name,
@@ -93,7 +98,7 @@
 		if ((metrics != null) && (metrics.size() > 0)) {
 			IChartData data = WicketUtils.getChartData(metrics);
 
-			ChartProvider provider = new ChartProvider(new Dimension(500, 100),
+			ChartProvider provider = new ChartProvider(new Dimension(400, 100),
 					ChartType.BAR_VERTICAL_SET, data);
 			ChartAxis dateAxis = new ChartAxis(ChartAxisType.BOTTOM);
 			List<String> labels = new ArrayList<String>();
@@ -121,7 +126,7 @@
 			for (Metric metric : metrics) {
 				labels.add(metric.name);
 			}
-			ChartProvider provider = new ChartProvider(new Dimension(500, 200), ChartType.PIE, data);
+			ChartProvider provider = new ChartProvider(new Dimension(800, 200), ChartType.PIE, data);
 			provider.setPieLabels(labels.toArray(new String[labels.size()]));
 			add(new Chart(wicketId, provider));
 		} else {
@@ -134,7 +139,7 @@
 		SimpleDateFormat sdf = new SimpleDateFormat("E");
 		Calendar cal = Calendar.getInstance();
 
-		List<Metric> sorted = new ArrayList<Metric>(7);
+		List<Metric> sorted = new ArrayList<Metric>();
 		int firstDayOfWeek = cal.getFirstDayOfWeek();
 		int dayOfWeek = cal.get(Calendar.DAY_OF_WEEK);
 
@@ -144,7 +149,7 @@
 			String day = sdf.format(cal.getTime());
 			for (Metric metric : list) {
 				if (metric.name.equals(day)) {
-					sorted.add(i, metric);
+					sorted.add(metric);
 					list.remove(metric);
 					break;
 				}

--
Gitblit v1.9.1