echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

stripHTML on form params

Browse Source
This commit is contained in:
zzz
2010-06-26 04:05:30 +00:00
parent bcba5af8a9
commit 47f39d0766
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
apps/i2psnark/java/src/org/klomp/snark/web/I2PSnarkServlet.java
View File

@ -905,9 +905,12 @@ public class I2PSnarkServlet extends Default {
private void writeAddForm(PrintWriter out, HttpServletRequest req) throws IOException { private void writeAddForm(PrintWriter out, HttpServletRequest req) throws IOException {
String uri = req.getRequestURI(); String uri = req.getRequestURI();
String newURL = req.getParameter("newURL"); String newURL = req.getParameter("newURL");
if ( (newURL == null) || (newURL.trim().length() <= 0) ) newURL = ""; if ( (newURL == null) || (newURL.trim().length() <= 0) )
String newFile = req.getParameter("newFile"); newURL = "";
if ( (newFile == null) || (newFile.trim().length() <= 0) ) newFile = ""; else
newURL = DataHelper.stripHTML(newURL); // XSS
//String newFile = req.getParameter("newFile");
//if ( (newFile == null) || (newFile.trim().length() <= 0) ) newFile = "";
out.write("<span class=\"snarkNewTorrent\">\n"); out.write("<span class=\"snarkNewTorrent\">\n");
// *not* enctype="multipart/form-data", so that the input type=file sends the filename, not the file // *not* enctype="multipart/form-data", so that the input type=file sends the filename, not the file
@ -935,8 +938,10 @@ public class I2PSnarkServlet extends Default {
private void writeSeedForm(PrintWriter out, HttpServletRequest req) throws IOException { private void writeSeedForm(PrintWriter out, HttpServletRequest req) throws IOException {
String uri = req.getRequestURI(); String uri = req.getRequestURI();
String baseFile = req.getParameter("baseFile"); String baseFile = req.getParameter("baseFile");
if (baseFile == null) if (baseFile == null || baseFile.trim().length() <= 0)
baseFile = ""; baseFile = "";
else
baseFile = DataHelper.stripHTML(baseFile); // XSS
out.write("<div class=\"newtorrentsection\"><span class=\"snarkNewTorrent\">\n"); out.write("<div class=\"newtorrentsection\"><span class=\"snarkNewTorrent\">\n");
// *not* enctype="multipart/form-data", so that the input type=file sends the filename, not the file // *not* enctype="multipart/form-data", so that the input type=file sends the filename, not the file