Fix for #588 - HTML escape and unescape descriptions on configclients page

str4d
2012-01-17 00:56:49 +00:00
parent 0a5e08382f
commit 1e8c968bd6
2 changed files with 43 additions and 4 deletions


@ -3,8 +3,10 @@ package net.i2p.router.web;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.TreeSet;
@ -234,6 +236,7 @@ public class ConfigClientsHelper extends HelperBase {
boolean enabled, boolean ro, String desc, boolean edit,
boolean showEditButton, boolean showUpdateButton, boolean showStopButton,
boolean showDeleteButton, boolean showStartButton) {
String escapeddesc = escapeHTML(desc);
buf.append("<tr><td class=\"mediumtags\" align=\"right\" width=\"25%\">");
if (urlify && enabled) {
String link = "/";
@ -279,10 +282,10 @@ public class ConfigClientsHelper extends HelperBase {
buf.append("</td><td align=\"left\" width=\"50%\">");
if (edit && !ro) {
buf.append("<input type=\"text\" size=\"80\" name=\"desc").append(index).append("\" value=\"");
buf.append(desc);
buf.append(escapeddesc);
buf.append("\" >");
} else {
buf.append(desc);
buf.append(escapeddesc);
}
buf.append("</td></tr>\n");
}
@ -298,4 +301,22 @@ public class ConfigClientsHelper extends HelperBase {
String rv = t1.replace('>', ' ');
return rv;
}
/**
* Escapes a string for inclusion in HTML
*/
private String escapeHTML(String unescaped) {
Map<String, String> map = new HashMap<String, String>();
map.put("\"","&quot;");
map.put("&","&amp;");
map.put("<","&lt;");
map.put(">","&gt;");
String escaped = unescaped;
for (Map.Entry<String, String> entry : map.entrySet()) {
String k = entry.getKey();
String v = entry.getValue();
escaped = escaped.replaceAll(k, v);
}
return escaped;
}
}
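Review bot: escapeHTML applies its four replacements in HashMap iteration order, which is unspecified, so whenever `&` is processed after `"`, `<` or `>` the entities just produced are escaped a second time (`<` ends up as `&amp;lt;`). The output stays safe for the double-quoted `value` attribute and the table cell, but it is no longer the text that was stored, and the result can differ between JVMs. Replace `&` first with literal replacements, which also drops the per-call map and the regex-based `replaceAll`: `return unescaped.replace("&", "&amp;").replace("\"", "&quot;").replace("<", "&lt;").replace(">", "&gt;");`. Separately, `escapeHTML(desc)` now dereferences `desc` where the old `buf.append(desc)` tolerated null, so a null guard is worth adding if callers can pass one; the enclosing render method starts outside the visible hunks, so that cannot be confirmed from here.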