Author: toad
Date: 2006-12-07 21:08:20 +0000 (Thu, 07 Dec 2006)
New Revision: 11289
Modified:
trunk/freenet/src/freenet/clients/http/filter/FilterCallback.java
trunk/freenet/src/freenet/clients/http/filter/GenericReadFilterCallback.java
trunk/freenet/src/freenet/clients/http/filter/HTMLFilter.java
trunk/freenet/src/freenet/clients/http/filter/NullFilterCallback.java
Log:
Move the decision on whether a <form> is allowed to the filter callback, which
is where it should be.
Force the enctype and accept-encoding.
Drop support for accept until we get around to filtering it properly.
Modified: trunk/freenet/src/freenet/clients/http/filter/FilterCallback.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/filter/FilterCallback.java
2006-12-07 20:49:39 UTC (rev 11288)
+++ trunk/freenet/src/freenet/clients/http/filter/FilterCallback.java
2006-12-07 21:08:20 UTC (rev 11289)
@@ -15,16 +15,6 @@
public String processURI(String uri, String overrideType) throws
CommentException;
/**
- * Should we allow GET forms?
- */
- public boolean allowGetForms();
-
- /**
- * Should we allow POST forms?
- */
- public boolean allowPostForms();
-
- /**
* Process a base URI in the page. Not only is this filtered, it
affects all
* relative uri's on the page.
*/
@@ -36,5 +26,13 @@
* (for example: "title")
*/
public void onText(String s, String type);
+
+ /**
+ * Process a form on the page.
+ * @param method The form sending method. Normally GET or POST.
+ * @param action The URI to send the form to.
+ * @return The new action URI, or null if the form is not allowed.
+ */
+ public String processForm(String method, String action);
}
Modified:
trunk/freenet/src/freenet/clients/http/filter/GenericReadFilterCallback.java
===================================================================
---
trunk/freenet/src/freenet/clients/http/filter/GenericReadFilterCallback.java
2006-12-07 20:49:39 UTC (rev 11288)
+++
trunk/freenet/src/freenet/clients/http/filter/GenericReadFilterCallback.java
2006-12-07 21:08:20 UTC (rev 11289)
@@ -215,5 +215,26 @@
if(cb != null)
cb.onText(s, type, baseURI);
}
+
+ /**
+ * Process a form.
+ * Current strategy:
+ * - Both POST and GET forms are allowed to /
+ * Anything that is hazardous should be protected through formPassword.
+ */
+ public String processForm(String method, String action) {
+ if(action == null) return null;
+ method = method.toUpperCase();
+ if(!(method.equals("POST") || method.equals("GET")))
+ return null; // no irregular form sending methods
+ // Everything is allowed to / - updating the node, shutting it
down, everything.
+ // Why? Becuase it's all protected by formPassword anyway.
+ // FIXME whitelist? Most things are okay if the user is
prompted for a confirmation...
+ // FIXME what about /queue/ /darknet/ etc?
+ if(action.equals("/"))
+ return action;
+ // Otherwise disallow.
+ return null;
+ }
}
Modified: trunk/freenet/src/freenet/clients/http/filter/HTMLFilter.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/filter/HTMLFilter.java
2006-12-07 20:49:39 UTC (rev 11288)
+++ trunk/freenet/src/freenet/clients/http/filter/HTMLFilter.java
2006-12-07 21:08:20 UTC (rev 11289)
@@ -951,12 +951,9 @@
new FormTagVerifier(
"form",
new String[] {
- "method",
- "name",
- "enctype",
- "accept",
- "accept-charset" },
- new String[] { "action" },
+ "name" }, // FIXME add a whitelist
filter for accept
+ // All other attributes are handled by
FormTagVerifier.
+ new String[] { },
new String[] { "onsubmit", "onreset" }));
allowedTagsVerifiers.put(
"input",
@@ -1571,9 +1568,15 @@
ParsedTag p,
HTMLParseContext pc) throws DataFilterException {
Hashtable hn = super.sanitizeHash(h, p, pc);
- // Action has been previously sanitized, we force it :p
- hn.put("action","/");
-
+ String method = (String) h.get("method");
+ String action = (String) h.get("action");
+ String finalAction = pc.cb.processForm(method, action);
+ if(finalAction == null) return null;
+ hn.put("method", method);
+ hn.put("action", finalAction);
+ // Force enctype and accept-charset to acceptable
values.
+ hn.put("enctype", "multipart/form-data");
+ hn.put("accept-charset", "UTF-8");
return hn;
}
}
Modified: trunk/freenet/src/freenet/clients/http/filter/NullFilterCallback.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/filter/NullFilterCallback.java
2006-12-07 20:49:39 UTC (rev 11288)
+++ trunk/freenet/src/freenet/clients/http/filter/NullFilterCallback.java
2006-12-07 21:08:20 UTC (rev 11289)
@@ -5,14 +5,6 @@
public class NullFilterCallback implements FilterCallback {
- public boolean allowGetForms() {
- return false;
- }
-
- public boolean allowPostForms() {
- return false;
- }
-
public String processURI(String uri, String overrideType) {
return null;
}
@@ -25,4 +17,8 @@
// Do nothing
}
+ public String processForm(String method, String action) {
+ return null;
+ }
+
}
