diff --git a/core/src/main/java/hudson/model/ParameterValue.java b/core/src/main/java/hudson/model/ParameterValue.java
index d3b39f614a3678c5e2c8a1cd8dd79e76180382c4..fbea3895fd5db0e7ed81f5347a1ddbeb129363d4 100644
--- a/core/src/main/java/hudson/model/ParameterValue.java
+++ b/core/src/main/java/hudson/model/ParameterValue.java
@@ -31,11 +31,16 @@ import hudson.scm.SCM;
 import hudson.tasks.BuildWrapper;
 import hudson.tasks.Builder;
 import hudson.util.VariableResolver;
+import java.io.IOException;
 import java.io.Serializable;
 import java.util.Map;
+import java.util.logging.Logger;
+import jenkins.model.Jenkins;
 import net.sf.json.JSONObject;
+import org.kohsuke.accmod.Restricted;
+import org.kohsuke.accmod.restrictions.DoNotUse;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.export.Exported;
@@ -70,6 +75,9 @@ import org.kohsuke.stapler.export.ExportedBean;
 */
 @ExportedBean(defaultVisibility=3)
 public abstract class ParameterValue implements Serializable {
+
+ private static final Logger LOGGER = Logger.getLogger(ParameterValue.class.getName());
+
 protected final String name;
 private String description;
@@ -91,6 +99,16 @@ public abstract class ParameterValue implements Serializable {
 this.description = description;
 }
+ @Restricted(DoNotUse.class) // for value.jelly
+ public String getFormattedDescription() {
+ try {
+ return Jenkins.getInstance().getMarkupFormatter().translate(description);
+ } catch (IOException e) {
+ LOGGER.warning("failed to translate description using configured markup formatter");
+ return "";
+ }
+ }
+
 /**
 * Name of the parameter.
 *
diff --git a/core/src/main/resources/hudson/model/StringParameterDefinition/index.jelly b/core/src/main/resources/hudson/model/StringParameterDefinition/index.jelly
index 2f99f33da910018d4b96b17833166a658bf78dd3..2c6a20bfbbcdfad92cbd6d95e9de283a0daecd01 100644
--- a/core/src/main/resources/hudson/model/StringParameterDefinition/index.jelly
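Review bot: The `catch (IOException e)` branch of `getFormattedDescription()` logs a fixed string and drops the exception, so a failing markup formatter cannot be diagnosed from the log; returning `""` is the right fail-closed result (the raw description is never emitted) and should stay. I would log the cause and the parameter, `LOGGER.log(Level.WARNING, "failed to translate description of parameter " + name + " using configured markup formatter", e);`, which also needs `import java.util.logging.Level;`. `description` looks nullable (the hunk shows no guard), so confirm what `translate(null)` produces for the configured formatter or return `""` early. The method also deserves a Javadoc stating that the result is already formatter-processed HTML meant to be written out unescaped by the view, whereas the raw value from `getDescription()` must still be escaped.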
+++ b/core/src/main/resources/hudson/model/StringParameterDefinition/index.jelly
@@ -26,7 +26,8 @@ THE SOFTWARE. - + +
diff --git a/core/src/main/resources/hudson/model/StringParameterValue/value.jelly b/core/src/main/resources/hudson/model/StringParameterValue/value.jelly
index 961a583d2920cdd2663ae7aef7a2a9646f70dcfa..e3de9ff09a34026b96b498a0ab889bc7b85762b4 100644
--- a/core/src/main/resources/hudson/model/StringParameterValue/value.jelly
+++ b/core/src/main/resources/hudson/model/StringParameterValue/value.jelly
@@ -26,7 +26,8 @@ THE SOFTWARE. - + +
\ No newline at end of file
diff --git a/test/src/test/java/hudson/model/ParametersTest.java b/test/src/test/java/hudson/model/ParametersTest.java
index 46a89eeb26a27764175f8d80b05c93a060e52419..fe885e164cc61144dc6796e64a914c0bafc5af52 100644
--- a/test/src/test/java/hudson/model/ParametersTest.java
+++ b/test/src/test/java/hudson/model/ParametersTest.java
@@ -17,7 +17,6 @@ import java.util.regex.Pattern;
 import org.apache.http.HttpStatus;
 import static org.hamcrest.Matchers.*;
 import static org.junit.Assert.*;
-import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ErrorCollector;
@@ -226,7 +225,6 @@ public class ParametersTest {
 HtmlFormUtil.submit(form, HtmlFormUtil.getButtonByCaption(form, "Build"));
 }
- @Ignore("TODO build page should mark up param description; parameters page should mark up param description")
 @Issue("SECURITY-353")
 @Test
 public void xss() throws Exception {
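Review bot: The re-enabled `xss()` test is now the only regression guard for SECURITY-353 in this commit, and its body lies outside the hunk, so it cannot be confirmed here that it asserts on both pages the removed TODO named (the build page and the parameters page). I would record that scope above the method, e.g. `// SECURITY-353: description must be passed through the markup formatter on both the build form and the parameters page`, and check that the test fails if either view goes back to printing the raw description.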