From f9c661ef5d2a422f246b3a089bee06470ae1d431 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sun, 07 Sep 2014 12:04:12 -0400
Subject: [PATCH] Merged #164 "Sanitize page parameters for XSS vulerabilities"

---
 src/main/java/com/gitblit/DaggerModule.java |   11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/gitblit/DaggerModule.java b/src/main/java/com/gitblit/DaggerModule.java
index 6ad3fe6..dd7e1b2 100644
--- a/src/main/java/com/gitblit/DaggerModule.java
+++ b/src/main/java/com/gitblit/DaggerModule.java
@@ -38,7 +38,9 @@
 import com.gitblit.transport.ssh.IPublicKeyManager;
 import com.gitblit.transport.ssh.MemoryKeyManager;
 import com.gitblit.transport.ssh.NullKeyManager;
+import com.gitblit.utils.JSoupXssFilter;
 import com.gitblit.utils.StringUtils;
+import com.gitblit.utils.XssFilter;
 import com.gitblit.wicket.GitBlitWebApp;
 
 import dagger.Module;
@@ -54,6 +56,7 @@
 	library = true,
 	injects = {
 			IStoredSettings.class,
+			XssFilter.class,
 
 			// core managers
 			IRuntimeManager.class,
@@ -79,8 +82,12 @@
 		return new FileSettings();
 	}
 
-	@Provides @Singleton IRuntimeManager provideRuntimeManager(IStoredSettings settings) {
-		return new RuntimeManager(settings);
+	@Provides @Singleton XssFilter provideXssFilter() {
+		return new JSoupXssFilter();
+	}
+
+	@Provides @Singleton IRuntimeManager provideRuntimeManager(IStoredSettings settings, XssFilter xssFilter) {
+		return new RuntimeManager(settings, xssFilter);
 	}
 
 	@Provides @Singleton IPluginManager providePluginManager(IRuntimeManager runtimeManager) {

--
Gitblit v1.9.1