Index: examples/test-webapp/src/main/java/com/acme/Dump.java
===================================================================
--- examples/test-webapp/src/main/java/com/acme/Dump.java (revision 2168)
+++ examples/test-webapp/src/main/java/com/acme/Dump.java (working copy)
@@ -63,6 +63,12 @@
/* ------------------------------------------------------------ */
public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
+ if(request.getPathInfo().toLowerCase().indexOf("script")!=-1)
+ {
+ response.sendRedirect(getServletContext().getContextPath() + "/dump/info");
+ return;
+ }
+
request.setCharacterEncoding("UTF-8");
if (request.getParameter("empty")!=null)
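Review bot: `request.getPathInfo()` on the first added line can return null when the servlet is reached with no extra path, and the new check dereferences it unconditionally, so such a request now fails with a NullPointerException instead of being dumped. Guard it and make the case-fold locale-independent: `String pathInfo = request.getPathInfo();` / `if (pathInfo != null && pathInfo.toLowerCase(Locale.ENGLISH).indexOf("script") != -1)` (importing java.util.Locale if the file does not already). The substring test only inspects one token in one request field, so it should be marked as the stopgap it is, e.g. `// Stopgap: reject obvious script probes in the path; values echoed by the dump below are HTML-escaped separately.` doGet continues past the end of the hunk.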
@@ -399,8 +405,8 @@
{
String hv= (String)h2.nextElement();
pout.write("
\n");
- pout.write("| "+name+": | ");
- pout.write(""+hv+" | ");
+ pout.write(""+name.replaceAll("<", "<").replaceAll(">",">")+": | ");
+ pout.write(""+hv.replaceAll("<", "<").replaceAll(">",">")+" | ");
}
}
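Review bot: As printed, each `replaceAll("<", "<")` / `replaceAll(">",">")` on the added lines replaces a character with itself, so the escaping would be a no-op; the intended replacements are presumably `&lt;` and `&gt;` and the listing has rendered the entities as bare characters, which is worth confirming against the committed file. Even with the entities, `&` is never encoded, so a value containing an entity is displayed decoded and the output is not well-formed, and the same call chain is repeated on every changed line here and in the hunks at @@ -411, @@ -425 and @@ -439. Add one `private static String htmlEncode(String s)` that encodes `&` first, then `<` and `>`, uses literal `String.replace` rather than regex `replaceAll`, and maps null to an empty string, then call it at each site, e.g. `pout.write(""+htmlEncode(name)+": | ");`. The enclosing loop starts before this hunk.
```java
/** Encodes {@code s} for use as HTML element content; a null value becomes "". */
private static String htmlEncode(String s)
{
    if (s == null)
        return "";
    // '&' must be replaced first so the entities introduced below are not re-encoded.
    return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;");
}
```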
@@ -411,13 +417,13 @@
{
name= (String)h.nextElement();
pout.write("
\n");
- pout.write("| "+name+": | ");
- pout.write(""+request.getParameter(name)+" | ");
+ pout.write(""+name.replaceAll("<", "<").replaceAll(">",">")+": | ");
+ pout.write(""+request.getParameter(name).replaceAll("<", "<").replaceAll(">",">")+" | ");
String[] values= request.getParameterValues(name);
if (values == null)
{
pout.write("
\n");
- pout.write("| "+name+" Values: | ");
+ pout.write(""+name.replaceAll("<", "<").replaceAll(">",">")+" Values: | ");
pout.write(""+"NULL!"+" | ");
}
else if (values.length > 1)
@@ -425,8 +431,8 @@
for (int i= 0; i < values.length; i++)
{
pout.write("
\n");
- pout.write("| "+name+"["+i+"]: | ");
- pout.write(""+values[i]+" | ");
+ pout.write(""+name.replaceAll("<", "<").replaceAll(">",">")+"["+i+"]: | ");
+ pout.write(""+values[i].replaceAll("<", "<").replaceAll(">",">")+" | ");
}
}
}
@@ -439,8 +445,8 @@
Cookie cookie = cookies[i];
pout.write("
\n");
- pout.write("| "+cookie.getName()+": | ");
- pout.write(""+cookie.getValue()+" | ");
+ pout.write(""+cookie.getName().replaceAll("<", "<").replaceAll(">",">")+": | ");
+ pout.write(""+cookie.getValue().replaceAll("<", "<").replaceAll(">",">")+" | ");
}
String content_type=request.getContentType();
Index: examples/test-webapp/src/main/webapp/snoop.jsp
===================================================================
--- examples/test-webapp/src/main/webapp/snoop.jsp (revision 2168)
+++ examples/test-webapp/src/main/webapp/snoop.jsp (working copy)
@@ -40,7 +40,7 @@
| Query string: |
- <%= request.getQueryString() %> |
+ <% if(request.getQueryString()!=null) out.write(request.getQueryString().replaceAll("<", "<").replaceAll(">",">")); %> |
| Content length: |
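Review bot: The same `replaceAll("<", "<").replaceAll(">",">")` chain as in Dump.java appears on the added line here and in the hunks at @@ -122 and @@ -157; as printed its replacement equals its pattern, so confirm the committed file carries `&lt;`/`&gt;`, and `&` is still not encoded in any of them. `request.getQueryString()` is also called twice on the added line; `String qs = request.getQueryString(); if (qs != null) out.write(...)` reads more clearly. In the @@ -157 hunk `val.toString()` is called on the result of `request.getAttribute(k)` without a null check, and in @@ -122 `val` is declared outside the hunk, so its nullability cannot be judged here. If JSTL is available, `<c:out value="${...}"/>` escapes `<`, `>`, `&`, `'` and `"` and tolerates null; otherwise a single shared encoding helper should replace the repeated chains.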
@@ -122,13 +122,13 @@
String vals[] = request.getParameterValues(k);
%>
- | <%= k %> |
- <%= val %> |
+ <%= k.replaceAll("<", "<").replaceAll(">",">") %> |
+ <%= val.replaceAll("<", "<").replaceAll(">",">") %> |
<%
for(int i = 0; i < vals.length; i++) {
if(i > 0)
out.print(" ");
- out.print(vals[i]);
+ out.print(vals[i].replaceAll("<", "<").replaceAll(">",">"));
}
%> |
@@ -157,8 +157,8 @@
Object val = request.getAttribute(k);
%>
- | <%= k %> |
- <%= val %> |
+ <%= k.replaceAll("<", "<").replaceAll(">",">") %> |
+ <%= val.toString().replaceAll("<", "<").replaceAll(">",">") %> |
<%
}
Index: VERSION.txt
===================================================================
--- VERSION.txt (revision 2168)
+++ VERSION.txt (working copy)
@@ -1,6 +1,7 @@
jetty-SNAPSHOT
+ + CERT VU#237888 Dump Servlet - prevent cross site scripting
+ CERT VU#38616 handle single quotes in cookie names.
+ Improved JSON parsing from Readers
+ Moved some impl classes from jsp-api-2.1 to jsp-2.1