From fc3a39d464b1303f0b7d01d0160f81cbbb80a98b Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Sun, 07 Sep 2014 11:42:40 -0400
Subject: [PATCH] Create infrastructure for XSS sanitization

---
 src/main/java/com/gitblit/DaggerModule.java |   11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/gitblit/DaggerModule.java b/src/main/java/com/gitblit/DaggerModule.java
index 6ad3fe6..dd7e1b2 100644
--- a/src/main/java/com/gitblit/DaggerModule.java
+++ b/src/main/java/com/gitblit/DaggerModule.java
@@ -38,7 +38,9 @@
 import com.gitblit.transport.ssh.IPublicKeyManager;
 import com.gitblit.transport.ssh.MemoryKeyManager;
 import com.gitblit.transport.ssh.NullKeyManager;
+import com.gitblit.utils.JSoupXssFilter;
 import com.gitblit.utils.StringUtils;
+import com.gitblit.utils.XssFilter;
 import com.gitblit.wicket.GitBlitWebApp;
 
 import dagger.Module;
@@ -54,6 +56,7 @@
 	library = true,
 	injects = {
 			IStoredSettings.class,
+			XssFilter.class,
 
 			// core managers
 			IRuntimeManager.class,
@@ -79,8 +82,12 @@
 		return new FileSettings();
 	}
 
-	@Provides @Singleton IRuntimeManager provideRuntimeManager(IStoredSettings settings) {
-		return new RuntimeManager(settings);
+	@Provides @Singleton XssFilter provideXssFilter() {
+		return new JSoupXssFilter();
+	}
+
+	@Provides @Singleton IRuntimeManager provideRuntimeManager(IStoredSettings settings, XssFilter xssFilter) {
+		return new RuntimeManager(settings, xssFilter);
 	}
 
 	@Provides @Singleton IPluginManager providePluginManager(IRuntimeManager runtimeManager) {

--
Gitblit v1.9.1