
JETTY-452
gregw committed Nov 2, 2007
1 parent 316c26f commit 8ceaa87
Showing 3 changed files with 42 additions and 27 deletions.
1 change: 1 addition & 0 deletions VERSION.txt
Expand Up @@ -20,6 +20,7 @@ jetty-SNAPSHOT
+ JETTY-445 removed test code
+ JETTY-448 added setReuseAddress on AbstractConnector
+ JETTY-450 Bad request for response sent to server
+ JETTY-452 CERT VU#237888 Dump Servlet - prevent cross site scripting
+ JETTY-453 updated Wadi to 2.0-M7
+ JETTY-454 handle exceptions with themselves as root cause

56 changes: 35 additions & 21 deletions examples/test-webapp/src/main/java/com/acme/Dump.java
Expand Up @@ -15,14 +15,12 @@
package com.acme;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.io.Reader;
import java.lang.reflect.Array;
import java.lang.reflect.Field;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Locale;

Expand All @@ -37,6 +35,7 @@
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

import org.mortbay.util.StringUtil;
import org.mortbay.util.ajax.Continuation;
import org.mortbay.util.ajax.ContinuationSupport;

Expand All @@ -63,6 +62,12 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
/* ------------------------------------------------------------ */
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
if(request.getPathInfo().toLowerCase().indexOf("script")!=-1)
{
response.sendRedirect(getServletContext().getContextPath() + "/dump/info");
return;
}

request.setCharacterEncoding("UTF-8");

if (request.getParameter("empty")!=null)
Expand Down Expand Up @@ -301,34 +306,34 @@ else if (pi.startsWith("/ex3/"))
pout.write("<table width=\"95%\">");
pout.write("<tr>\n");
pout.write("<th align=\"right\">getMethod:&nbsp;</th>");
pout.write("<td>" + request.getMethod()+"</td>");
pout.write("<td>" + notag(request.getMethod())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getContentLength:&nbsp;</th>");
pout.write("<td>"+Integer.toString(request.getContentLength())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getContentType:&nbsp;</th>");
pout.write("<td>"+request.getContentType()+"</td>");
pout.write("<td>"+notag(request.getContentType())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getRequestURI:&nbsp;</th>");
pout.write("<td>"+request.getRequestURI()+"</td>");
pout.write("<td>"+notag(request.getRequestURI())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getRequestURL:&nbsp;</th>");
pout.write("<td>"+request.getRequestURL()+"</td>");
pout.write("<td>"+notag(request.getRequestURL().toString())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getContextPath:&nbsp;</th>");
pout.write("<td>"+request.getContextPath()+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getServletPath:&nbsp;</th>");
pout.write("<td>"+request.getServletPath()+"</td>");
pout.write("<td>"+notag(request.getServletPath())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getPathInfo:&nbsp;</th>");
pout.write("<td>"+request.getPathInfo()+"</td>");
pout.write("<td>"+notag(request.getPathInfo())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getPathTranslated:&nbsp;</th>");
pout.write("<td>"+request.getPathTranslated()+"</td>");
pout.write("<td>"+notag(request.getPathTranslated())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getQueryString:&nbsp;</th>");
pout.write("<td>"+request.getQueryString()+"</td>");
pout.write("<td>"+notag(request.getQueryString())+"</td>");

pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getProtocol:&nbsp;</th>");
Expand All @@ -338,7 +343,7 @@ else if (pi.startsWith("/ex3/"))
pout.write("<td>"+request.getScheme()+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getServerName:&nbsp;</th>");
pout.write("<td>"+request.getServerName()+"</td>");
pout.write("<td>"+notag(request.getServerName())+"</td>");
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">getServerPort:&nbsp;</th>");
pout.write("<td>"+Integer.toString(request.getServerPort())+"</td>");
Expand Down Expand Up @@ -399,8 +404,8 @@ else if (pi.startsWith("/ex3/"))
{
String hv= (String)h2.nextElement();
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">"+name+":&nbsp;</th>");
pout.write("<td>"+hv+"</td>");
pout.write("<th align=\"right\">"+notag(name)+":&nbsp;</th>");
pout.write("<td>"+notag(hv)+"</td>");
}
}

Expand All @@ -411,22 +416,22 @@ else if (pi.startsWith("/ex3/"))
{
name= (String)h.nextElement();
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">"+name+":&nbsp;</th>");
pout.write("<td>"+request.getParameter(name)+"</td>");
pout.write("<th align=\"right\">"+notag(name)+":&nbsp;</th>");
pout.write("<td>"+notag(request.getParameter(name))+"</td>");
String[] values= request.getParameterValues(name);
if (values == null)
{
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">"+name+" Values:&nbsp;</th>");
pout.write("<th align=\"right\">"+notag(name)+" Values:&nbsp;</th>");
pout.write("<td>"+"NULL!"+"</td>");
}
else if (values.length > 1)
{
for (int i= 0; i < values.length; i++)
{
pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">"+name+"["+i+"]:&nbsp;</th>");
pout.write("<td>"+values[i]+"</td>");
pout.write("<th align=\"right\">"+notag(name)+"["+i+"]:&nbsp;</th>");
pout.write("<td>"+notag(values[i])+"</td>");
}
}
}
Expand All @@ -439,8 +444,8 @@ else if (values.length > 1)
Cookie cookie = cookies[i];

pout.write("</tr><tr>\n");
pout.write("<th align=\"right\">"+cookie.getName()+":&nbsp;</th>");
pout.write("<td>"+cookie.getValue()+"</td>");
pout.write("<th align=\"right\">"+notag(cookie.getName())+":&nbsp;</th>");
pout.write("<td>"+notag(cookie.getValue())+"</td>");
}

String content_type=request.getContentType();
Expand All @@ -458,7 +463,7 @@ else if (values.length > 1)
Reader in=request.getReader();

while((len=in.read(content))>=0)
pout.write(content,0,len);
pout.write(notag(new String(content,0,len)));
}
catch(IOException e)
{
Expand Down Expand Up @@ -719,4 +724,13 @@ private static String toString(Object o)
}
}

private String notag(String s)
{
if (s==null)
return "null";
s=StringUtil.replace(s,"&","&amp;");
s=StringUtil.replace(s,"<","&lt;");
s=StringUtil.replace(s,">","&gt;");
return s;
}
}
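Review bot: The redirect guard added at the top of doGet calls `request.getPathInfo().toLowerCase()` without a null check, and path info is null whenever a prefix-mapped servlet is requested with no extra path, so the new check can throw NullPointerException before anything is escaped. Read the value into a local and guard it, and pass the already-imported `Locale` to the case fold so the match does not depend on the JVM default locale: `String path=request.getPathInfo();` / `if (path!=null && path.toLowerCase(Locale.ENGLISH).indexOf("script")!=-1)`. The substring blacklist is at best a secondary control; the `notag` escaping applied at each write is what actually prevents the injection, so nothing else should rely on the redirect. `notag` escapes only `&`, `<` and `>`, which is sufficient for the element-content positions it is used in here but not for attribute values or script blocks, so a Javadoc line stating that context limit (and making the method `static`, since it reads no instance state) would keep future callers honest. doGet's body continues past the end of its hunk.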
12 changes: 6 additions & 6 deletions examples/test-webapp/src/main/webapp/snoop.jsp
Expand Up @@ -40,7 +40,7 @@
</TR>
<TR>
<TH align=right>Query string:</TH>
<TD><%= request.getQueryString() %></TD>
<TD><% if(request.getQueryString()!=null) out.write(request.getQueryString().replaceAll("<", "&lt;").replaceAll(">","&gt;")); %></TD>
</TR>
<TR>
<TH align=right>Content length:</TH>
Expand Down Expand Up @@ -122,13 +122,13 @@
String vals[] = request.getParameterValues(k);
%>
<TR valign=top>
<TD><%= k %></TD>
<TD><%= val %></TD>
<TD><%= k.replaceAll("<", "&lt;").replaceAll(">","&gt;") %></TD>
<TD><%= val.replaceAll("<", "&lt;").replaceAll(">","&gt;") %></TD>
<TD><%
for(int i = 0; i < vals.length; i++) {
if(i > 0)
out.print("<BR>");
out.print(vals[i]);
out.print(vals[i].replaceAll("<", "&lt;").replaceAll(">","&gt;"));
}
%></TD>
</TR>
Expand Down Expand Up @@ -157,8 +157,8 @@
Object val = request.getAttribute(k);
%>
<TR valign=top>
<TD><%= k %></TD>
<TD><%= val %></TD>
<TD><%= k.replaceAll("<", "&lt;").replaceAll(">","&gt;") %></TD>
<TD><%= val.toString().replaceAll("<", "&lt;").replaceAll(">","&gt;") %></TD>
</TR>
<%
}
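Review bot: The escape chains added to the query-string, parameter and attribute cells replace only `<` and `>` and leave `&` untouched, so a submitted value containing `&lt;` is displayed as a literal `<` (misreporting the actual input) and any bare `&` produces malformed markup. Each chain should start with `.replace("&", "&amp;")` before the other two replacements, and `replace` is preferable to `replaceAll` here because these are literal characters, not regular expressions. The same three-step chain is now copied six times across the three hunks; declaring one small helper in a `<%! %>` block and calling it from each cell would keep the copies from drifting apart. `val.toString()` in the attribute table assumes the attribute is still present when it is looked up, which holds unless an attribute is removed between enumeration and `getAttribute`, so a null guard there is optional.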
