[jetty-commit] r950 - in jetty/branches/jetty-7.0.0.x: . test-jetty-webapp/src/main/java/com/acme

Author: gwilkins
Date: 2009-09-24 00:34:09 -0400 (Thu, 24 Sep 2009)
New Revision: 950

Modified:
   jetty/branches/jetty-7.0.0.x/VERSION.txt
   jetty/branches/jetty-7.0.0.x/test-jetty-webapp/src/main/java/com/acme/CookieDump.java
Log:
fixed XSS issue in demo CometDump servlet

Modified: jetty/branches/jetty-7.0.0.x/VERSION.txt
===================================================================
--- jetty/branches/jetty-7.0.0.x/VERSION.txt	2009-09-24 03:53:33 UTC (rev 949)
+++ jetty/branches/jetty-7.0.0.x/VERSION.txt	2009-09-24 04:34:09 UTC (rev 950)
@@ -1,4 +1,5 @@
 jetty-7.0.0.RC7-SNAPSHOT
+ + Fixed XSS issue in CookieDump demo servlet.
  + 289958 StatisticsServlet incorrectly adds StatisticsHandler
  + 290081 Eager consume LF after CR
 

Modified: jetty/branches/jetty-7.0.0.x/test-jetty-webapp/src/main/java/com/acme/CookieDump.java
===================================================================
--- jetty/branches/jetty-7.0.0.x/test-jetty-webapp/src/main/java/com/acme/CookieDump.java	2009-09-24 03:53:33 UTC (rev 949)
+++ jetty/branches/jetty-7.0.0.x/test-jetty-webapp/src/main/java/com/acme/CookieDump.java	2009-09-24 04:34:09 UTC (rev 950)
@@ -85,7 +85,7 @@
         
         for (int i=0;cookies!=null && i<cookies.length;i++)
         {
-            out.println("<b>"+cookies[i].getName()+"</b>="+cookies[i].getValue()+"<br/>");
+            out.println("<b>"+deScript(cookies[i].getName())+"</b>="+deScript(cookies[i].getValue())+"<br/>");
         }
         
         out.println("<form action=\""+response.encodeURL(getURI(request))+"\" method=\"post\">"); 
@@ -110,5 +110,16 @@
             uri=request.getRequestURI();
         return uri;
     }
+
+    /* ------------------------------------------------------------ */
+    protected String deScript(String string)
+    {
+        if (string==null)
+            return null;
+        string=string.replace("&", "&amp;");
+        string=string.replace( "<", "&lt;");
+        string=string.replace( ">", "&gt;");
+        return string;
+    }
     
 }
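Review bot: deScript (lines L44–L52) escapes only `&`, `<` and `>`, which covers the text-node context where the first hunk now uses it, but leaves `"` and `'` untouched, so this protected, generically named helper is not safe if a later caller reuses it inside an attribute value (the servlet already builds attribute strings, e.g. the form action a few lines below the first hunk, though that value does not currently pass through deScript). Adding `string=string.replace("\"", "&quot;");` and `string=string.replace("'", "&#39;");` after the existing replacements makes the helper correct for both contexts; the existing order, with `&` replaced first, must be kept so already-escaped entities are not double-encoded. The new method also carries only a separator comment; a one-line Javadoc such as `/** Escapes characters with HTML meaning so an untrusted cookie name or value can be written into the response; returns null for null. */` would document the contract callers rely on. The doGet body that contains the first hunk starts outside the diff.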