OO-3609, OO-4069: add br to the policy

src/main/java/org/olat/core/logging/OLATRuntimeException.java

@@ -97,18 +97,19 @@ public class OLATRuntimeException extends RuntimeException {
 	 * @return HTML fragment.
 	 */
 	public static String throwableToHtml(Throwable th) {
-		StringBuilder sb = new StringBuilder("<br>");
+		StringBuilder sb = new StringBuilder(10000);
+		sb.append("<br>");
 		if (th == null) {
 			sb.append("n/a");
 		}
 		else {	
-			sb.append("Throwable: "+th.getClass().getName()+"<br /><br />");
+			sb.append("Throwable: ").append(th.getClass().getName()).append("<br><br>");
 			toHtml(sb, th);
 			// 1st cause:
 			Throwable ca = th.getCause();
 			int i=1;
 			while (ca != null) {
-				sb.append("<hr /><br />"+i+". cause:<br /><br />");
+				sb.append("<hr /><br>").append(i).append(". cause:<br><br>");
 				toHtml(sb,ca);
 				i++;
 				ca = ca.getCause();	
@@ -119,14 +120,14 @@ public class OLATRuntimeException extends RuntimeException {
 
 	private static void toHtml(StringBuilder sb, Throwable th) {
 		if (th instanceof OLATRuntimeException) {
-			sb.append("logmsg:").append(((OLATRuntimeException)th).getLogMsg()).append("<br />");
+			sb.append("logmsg:").append(((OLATRuntimeException)th).getLogMsg()).append("<br>");
 		}
-		sb.append("message:" + th.getMessage() + "," +th.getClass().getName() + "<br /><br />");
+		sb.append("message:" + th.getMessage() + "," +th.getClass().getName() + "<br><br>");
 		StackTraceElement[] ste = th.getStackTrace();	
 		int nr = ste.length < 10? ste.length: 10;	
 		for (int i = 0; i < nr; i++) {
 			StackTraceElement st = ste[i];
-			sb.append("at "+ st.toString() + "<br />");
+			sb.append("at ").append(st.toString()).append("<br>");
 		}
 	}
 

src/main/java/org/olat/core/util/filter/impl/OpenOLATPolicy.java

@@ -239,10 +239,12 @@ public class OpenOLATPolicy {
 		
 		.allowElements("dd","tbody","dl","caption","hr","div","dt","ul","init","blockquote","pre","em","figcaption","sub",
 				"strong","img","thead","h1","h2","h3","h4","h5","h6","sup","ol","table","b","figure","strike","i","p",
-				"tfoot","td","s","th","u","li","tr","span")
+				"tfoot","td","s","th","u","li","tr", "span")
 		
 		.allowElements("hr")
 			.allowWithoutAttributes("hr")
+		.allowElements("br")
+			.allowWithoutAttributes("br")
 		.allowElements("a")
 			.allowWithoutAttributes("a")
 		.allowElements("img")

src/test/java/org/olat/core/util/filter/impl/XSSFilterParamTest.java

@@ -184,6 +184,7 @@ public class XSSFilterParamTest {
 /* 100 */	{ "<img src=\"/olat/edusharing/preview?objectUrl=ccrep://OpenOLAT/d5130470-14b4-4ad4-88b7-dfb3ebe943da&version=1.0\" data-es_identifier=\"2083dbe64f00b07232b11608ec0842fc\" data-es_objecturl=\"ccrep://OpenOLAT/d5130470-14b4-4ad4-88b7-dfb3ebe943da\" data-es_version=\"1.0\" data-es_version_current=\"1.0\" data-es_mediatype='i23' data-es_mimetype=\"image/png\" data-es_width=\"1000\" data-es_height=\"446\" data-es_first_edit=\"false\" class=\"edusharing\" alt=\"Bildschirmfoto 2018-11-07 um 16.09.49.png\" title=\"Bildschirmfoto 2018-11-07 um 16.09.49.png\" width=\"1000\" height=\"446\">",
 				"<img src=\"/olat/edusharing/preview?objectUrl&#61;ccrep://OpenOLAT/d5130470-14b4-4ad4-88b7-dfb3ebe943da&amp;version&#61;1.0\" data-es_identifier=\"2083dbe64f00b07232b11608ec0842fc\" data-es_objecturl=\"ccrep://OpenOLAT/d5130470-14b4-4ad4-88b7-dfb3ebe943da\" data-es_version=\"1.0\" data-es_version_current=\"1.0\" data-es_mediatype=\"i23\" data-es_mimetype=\"image/png\" data-es_width=\"1000\" data-es_height=\"446\" data-es_first_edit=\"false\" class=\"edusharing\" alt=\"Bildschirmfoto 2018-11-07 um 16.09.49.png\" title=\"Bildschirmfoto 2018-11-07 um 16.09.49.png\" width=\"1000\" height=\"446\" />"	
 			},
+			{ "Before<br>After<br>More", "Before<br />After<br />More" },
 			{ null, "" } // be tolerant
         });
     }