echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Console: Fix URLs caught in XSS filter on /confighome (ticket #1569)

Browse Source 
Fix name and URL escaping
Truncate long URLs in display
This commit is contained in:
zzz
2015-05-13 12:04:28 +00:00
parent 0e17c560b3
commit 081f1865a8
2 changed files with 21 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apps/routerconsole/java/src/net/i2p/router/web/ConfigHomeHandler.java
View File

@ -58,18 +58,21 @@ public class ConfigHomeHandler extends FormHandler {
else else
apps = HomeHelper.buildApps(_context, config); apps = HomeHelper.buildApps(_context, config);
if (adding) { if (adding) {
String name = getJettyString("name"); String name = getJettyString("nofilter_name");
if (name == null || name.length() <= 0) { if (name == null || name.length() <= 0) {
addFormError(_("No name entered")); addFormError(_("No name entered"));
return; return;
} }
String url = getJettyString("url"); String url = getJettyString("nofilter_url");
if (url == null || url.length() <= 0) { if (url == null || url.length() <= 0) {
addFormError(_("No URL entered")); addFormError(_("No URL entered"));
return; return;
} }
name = DataHelper.escapeHTML(name).replace(",", "&#44;"); // HomeHelper.S // these would get double-escaped so we can't do it this way...
url = DataHelper.escapeHTML(url).replace(",", "&#44;"); //name = DataHelper.escapeHTML(name).replace(",", "&#44;");
//url = DataHelper.escapeHTML(url).replace(",", "&#44;");
name = name.replace(",", ".");
url = url.replace(",", "."); // fail
HomeHelper.App app = null; HomeHelper.App app = null;
if ("1".equals(group)) if ("1".equals(group))
app = new HomeHelper.App(name, "", url, "/themes/console/images/eepsite.png"); app = new HomeHelper.App(name, "", url, "/themes/console/images/eepsite.png");

22
apps/routerconsole/java/src/net/i2p/router/web/HomeHelper.java
View File

@ -7,6 +7,7 @@ import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.TreeSet; import java.util.TreeSet;
import net.i2p.data.DataHelper;
import net.i2p.router.RouterContext; import net.i2p.router.RouterContext;
import net.i2p.util.PortMapper; import net.i2p.util.PortMapper;
@ -209,17 +210,22 @@ public class HomeHelper extends HelperBase {
buf.append("<img height=\"16\" alt=\"\" src=\"").append(app.icon).append("\">"); buf.append("<img height=\"16\" alt=\"\" src=\"").append(app.icon).append("\">");
} }
buf.append("</td><td align=\"left\">") buf.append("</td><td align=\"left\">")
.append(app.name) .append(DataHelper.escapeHTML(app.name))
.append("</td><td align=\"left\"><a href=\"") .append("</td><td align=\"left\"><a href=\"");
.append(app.url.replace("&", "&amp;")) String url = DataHelper.escapeHTML(app.url);
.append("\">") buf.append(url)
.append(app.url.replace("&", "&amp;")) .append("\">");
.append("</a></td></tr>\n"); // truncate before escaping
if (app.url.length() > 50)
buf.append(DataHelper.escapeHTML(app.url.substring(0, 48))).append("&hellip;");
else
buf.append(url);
buf.append("</a></td></tr>\n");
} }
buf.append("<tr><td colspan=\"2\" align=\"center\"><b>") buf.append("<tr><td colspan=\"2\" align=\"center\"><b>")
.append(_("Add")).append(":</b>" + .append(_("Add")).append(":</b>" +
"</td><td align=\"left\"><input type=\"text\" name=\"name\"></td>" + "</td><td align=\"left\"><input type=\"text\" name=\"nofilter_name\"></td>" +
"<td align=\"left\"><input type=\"text\" size=\"40\" name=\"url\"></td></tr>"); "<td align=\"left\"><input type=\"text\" size=\"40\" name=\"nofilter_url\"></td></tr>");
buf.append("</table>\n"); buf.append("</table>\n");
return buf.toString(); return buf.toString();
} }