I2P_Developers/i2p.itoopie
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fix potential XSS holes

Browse Source
This commit is contained in:
zzz
2009-12-04 00:27:05 +00:00
parent c4e6148b9f
commit f5c1acc749
6 changed files with 18 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
apps/routerconsole/java/src/net/i2p/router/web/NetDbHelper.java
View File

@ -4,6 +4,7 @@ import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import net.i2p.data.DataHelper;
public class NetDbHelper extends HelperBase {
private String _routerPrefix;
@ -12,7 +13,10 @@ public class NetDbHelper extends HelperBase {
public NetDbHelper() {}
public void setRouter(String r) { _routerPrefix = r; }
public void setRouter(String r) {
_routerPrefix = DataHelper.stripHTML(r); // XSS
}
public void setFull(String f) {
try {
_full = Integer.parseInt(f);