echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refresh tweaks

Browse Source 
another escape html
This commit is contained in:
zzz
2014-07-26 20:14:01 +00:00
parent 1e0c970c95
commit d6b0b1b93c
4 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
apps/routerconsole/java/src/net/i2p/router/web/EventLogHelper.java
View File

@ -160,6 +160,7 @@ public class EventLogHelper extends FormHandler {
String xev = _xevents.get(_event);
if (xev == null)
xev = _event;
xev = DataHelper.escapeHTML(xev);
if (events.isEmpty()) {
if (isAll) {
if (_age == 0)

9
apps/routerconsole/jsp/summary.jsi
View File

@ -17,9 +17,14 @@
if (d == null || "".equals(d))
d = intl.getRefresh();
else {
d = net.i2p.data.DataHelper.stripHTML(d); // XSS
long delay;
try {
delay = Long.parseLong(d);
} catch (NumberFormatException nfe) {
delay = 60;
}
// pass the new delay parameter to the iframe
newDelay = "?refresh=" + d;
newDelay = "?refresh=" + delay;
// update disable boolean
intl.setDisableRefresh(d);
}

2
apps/routerconsole/jsp/summaryframe.jsp
View File

@ -23,7 +23,7 @@
if (!shutdownSoon) {
if (d == null || "".equals(d)) {
// set below
} else {
} else if (intl.getNonce().equals(conNonceParam)) {
d = net.i2p.data.DataHelper.stripHTML(d); // XSS
intl.setRefresh(d);
intl.setDisableRefresh(d);

2
router/java/src/net/i2p/router/RouterVersion.java
View File

@ -18,7 +18,7 @@ public class RouterVersion {
/** deprecated */
public final static String ID = "Monotone";
public final static String VERSION = CoreVersion.VERSION;
public final static long BUILD = 27;
public final static long BUILD = 28;
/** for example "-test" */
public final static String EXTRA = "-rc";