Author: dbkr
Date: 2006-05-06 13:29:06 +0000 (Sat, 06 May 2006)
New Revision: 8621
Modified:
trunk/freenet/src/freenet/clients/http/FproxyToadlet.java
trunk/freenet/src/freenet/clients/http/PageMaker.java
trunk/freenet/src/freenet/clients/http/WelcomeToadlet.java
trunk/freenet/src/freenet/node/Version.java
Log:
681: Anonymity improvents:
* Fix bug 132 (Reinstate Internet Explorer warning)
* Fix bug 131 (Downloads should have content-disposition: attatchment added too)
* Remove http URL in xml namespace (paranoid, but the URL is not necessary)
Modified: trunk/freenet/src/freenet/clients/http/FproxyToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/FproxyToadlet.java 2006-05-06
11:40:33 UTC (rev 8620)
+++ trunk/freenet/src/freenet/clients/http/FproxyToadlet.java 2006-05-06
13:29:06 UTC (rev 8621)
@@ -149,23 +149,34 @@
String forceString = httprequest.getParam("force");
boolean force = false;
+ boolean forcedownload = false;
if(forceString != null) {
if(forceString.equals(getForceValue(key, now))
||
forceString.equals(getForceValue(key, now-FORCE_GRAIN_INTERVAL)))
force = true;
}
- if(typeName.equals("application/x-msdownload")) {
+ if(httprequest.isParameterSet("forcedownload")) {
// Download to disk, this should be safe, and
is set when we do "force download to disk" from a dangerous-content-warning
page.
- force = true;
+ typeName = "application/x-msdownload";
+ forcedownload = true;
}
try {
- if(!force)
+ if(!force && !forcedownload) {
data = ContentFilter.filter(data,
ctx.getBucketFactory(), typeName);
+ }
- // Send the data, intact
- writeReply(ctx, 200, typeName, "OK", data);
+ if (forcedownload) {
+ MultiValueTable headers = new
MultiValueTable();
+
+ headers.put("Content-Disposition",
"attachment");
+ ctx.sendReplyHeaders(200, "OK",
headers, typeName, data.size());
+ ctx.writeData(data);
+ } else {
+ // Send the data, intact
+ writeReply(ctx, 200, typeName, "OK",
data);
+ }
} catch (UnsafeContentTypeException e) {
StringBuffer buf = new StringBuffer();
ctx.getPageMaker().makeHead(buf, "Potentially
Dangerous Content");
@@ -176,7 +187,7 @@
buf.append("<p>Your options are:</p><ul>\n");
buf.append("<li><a
href=\"/"+key.toString(false)+"?type=text/plain\">Click here</a> to open the
file as plain text (this should not be dangerous, but it may be
garbled).</li>\n");
// FIXME: is this safe? See bug #131
- buf.append("<li><a
href=\"/"+key.toString(false)+"?type=application/x-msdownload\">Click here</a>
to force your browser to download the file to disk.</li>\n");
+ buf.append("<li><a
href=\"/"+key.toString(false)+"?forcedownload\">Click here</a> to force your
browser to download the file to disk.</li>\n");
buf.append("<li><a
href=\"/"+key.toString(false)+"?force="+getForceValue(key, now)+"\">Click
here</a> to open the file as "+HTMLEncoder.encode(typeName)+".</li>\n");
buf.append("<li><a href=\"/\">Click here</a> to
go to the FProxy home page.</li>\n");
buf.append("</ul>");
Modified: trunk/freenet/src/freenet/clients/http/PageMaker.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/PageMaker.java 2006-05-06
11:40:33 UTC (rev 8620)
+++ trunk/freenet/src/freenet/clients/http/PageMaker.java 2006-05-06
13:29:06 UTC (rev 8621)
@@ -38,7 +38,7 @@
public void makeTopHead(StringBuffer buf) {
buf.append("<!DOCTYPE\n"
+ " html PUBLIC \"-//W3C//DTD XHTML
1.1//EN\">\n"
- + "<html xmlns=\"http://www.w3.org/1999/xhtml\";
xml:lang=\"en\">\n"
+ + "<html xml:lang=\"en\">\n"
+ "<head>\n"
+ "<meta http-equiv=\"Content-Type\"
content=\"text/html;\" />\n"
+"<link rel=\"stylesheet\"
href=\"/static/themes/"+this.theme+"/theme.css\" type=\"text/css\" />\n");
Modified: trunk/freenet/src/freenet/clients/http/WelcomeToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/WelcomeToadlet.java 2006-05-06
11:40:33 UTC (rev 8620)
+++ trunk/freenet/src/freenet/clients/http/WelcomeToadlet.java 2006-05-06
13:29:06 UTC (rev 8621)
@@ -212,6 +212,15 @@
ctx.getPageMaker().makeHead(buf, "Freenet FProxy Homepage");
if(node.isTestnetEnabled())
buf.append("<div style=\"color: red; font-size: 200%;
\">WARNING: TESTNET MODE ENABLED</div>");
+
+ String useragent = (String)ctx.getHeaders().get("user-agent");
+
+ if (useragent != null) {
+ useragent = useragent.toLowerCase();
+ if (useragent.indexOf("msie") > -1 &&
useragent.indexOf("opera") == -1) {
+ buf.append("<div style=\"color:
darkred\"><b>Warning</b>: You appear to be using Internet Explorer. This means
that some sites within Freenet may be able to compromise your
anonymity.</div>");
+ }
+ }
// Alerts
Modified: trunk/freenet/src/freenet/node/Version.java
===================================================================
--- trunk/freenet/src/freenet/node/Version.java 2006-05-06 11:40:33 UTC (rev
8620)
+++ trunk/freenet/src/freenet/node/Version.java 2006-05-06 13:29:06 UTC (rev
8621)
@@ -20,7 +20,7 @@
public static final String protocolVersion = "1.0";
/** The build number of the current revision */
- private static final int buildNumber = 680;
+ private static final int buildNumber = 681;
/** Oldest build of Fred we will talk to */
private static final int lastGoodBuild = 591;
