Author: toad
Date: 2006-11-03 21:35:28 +0000 (Fri, 03 Nov 2006)
New Revision: 10812
Modified:
trunk/freenet/src/freenet/clients/http/ConfigToadlet.java
trunk/freenet/src/freenet/clients/http/HTTPRequest.java
trunk/freenet/src/freenet/clients/http/LocalFileInsertToadlet.java
trunk/freenet/src/freenet/clients/http/PluginToadlet.java
trunk/freenet/src/freenet/clients/http/PproxyToadlet.java
trunk/freenet/src/freenet/clients/http/QueueToadlet.java
trunk/freenet/src/freenet/clients/http/StatisticsToadlet.java
trunk/freenet/src/freenet/clients/http/WelcomeToadlet.java
Log:
Mostly fixing to toadlets to use Part's instead of Param's when data is posted.
Also fix the Browse... button, and some minor refactoring.
Modified: trunk/freenet/src/freenet/clients/http/ConfigToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/ConfigToadlet.java 2006-11-03
20:00:14 UTC (rev 10811)
+++ trunk/freenet/src/freenet/clients/http/ConfigToadlet.java 2006-11-03
21:35:28 UTC (rev 10812)
@@ -2,7 +2,6 @@
import java.io.IOException;
import java.net.URI;
-import java.net.URISyntaxException;
import java.util.Arrays;
import freenet.client.HighLevelSimpleClient;
@@ -15,11 +14,12 @@
import freenet.support.Logger;
import freenet.support.MultiValueTable;
import freenet.support.io.Bucket;
-import freenet.support.io.BucketTools;
// FIXME: add logging, comments
public class ConfigToadlet extends Toadlet {
+ // If a setting has to be more than a meg, something is seriously wrong!
+ private static final int MAX_PARAM_VALUE_SIZE = 1024*1024;
private Config config;
private final NodeClientCore core;
private final Node node;
@@ -35,23 +35,9 @@
StringBuffer errbuf = new StringBuffer();
SubConfig[] sc = config.getConfigs();
- // FIXME this is stupid, use a direct constructor
+ HTTPRequest request = new HTTPRequest(uri, data, ctx);
- if(data.size() > 1024*1024) {
- this.writeReply(ctx, 400, "text/plain", "Too big", "Too
much data, config servlet limited to 1MB");
- return;
- }
- byte[] d = BucketTools.toByteArray(data);
- String s = new String(d, "us-ascii");
- HTTPRequest request;
- try {
- request = new HTTPRequest("/", s);
- } catch (URISyntaxException e) {
- Logger.error(this, "Impossible: "+e, e);
- return;
- }
-
- String pass = request.getParam("formPassword");
+ String pass = request.getPartAsString("formPassword", 32);
if((pass == null) || !pass.equals(core.formPassword)) {
MultiValueTable headers = new MultiValueTable();
headers.put("Location", "/config/");
@@ -71,11 +57,12 @@
if(logMINOR) Logger.minor(this, "Setting
"+prefix+"."+configName);
// we ignore unreconized parameters
-
if(request.isParameterSet(prefix+"."+configName)) {
-
if(!(o[j].getValueString().equals(request.getParam(prefix+"."+configName)))){
- if(logMINOR) Logger.minor(this,
"Setting "+prefix+"."+configName+" to
"+request.getParam(prefix+"."+configName));
+ if(request.isPartSet(prefix+"."+configName)) {
+ String value =
request.getPartAsString(prefix+"."+configName, MAX_PARAM_VALUE_SIZE);
+
if(!(o[j].getValueString().equals(value))){
+ if(logMINOR) Logger.minor(this,
"Setting "+prefix+"."+configName+" to "+value);
try{
-
o[j].setValue(request.getParam(prefix+"."+configName));
+ o[j].setValue(value);
}catch(Exception e){
errbuf.append(o[j].getName()+" "+e+"\n");
Logger.error(this,
"Caught "+e, e);
Modified: trunk/freenet/src/freenet/clients/http/HTTPRequest.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/HTTPRequest.java 2006-11-03
20:00:14 UTC (rev 10811)
+++ trunk/freenet/src/freenet/clients/http/HTTPRequest.java 2006-11-03
21:35:28 UTC (rev 10812)
@@ -104,8 +104,6 @@
/**
* Creates a new HTTPRequest for the given URI and data.
- * multipart/form-data will be split into Part's, but
- * application/x-www-form-urlencoded will be split into Param's.
*
* @param uri The URI being requested
* @param h Client headers
@@ -213,6 +211,8 @@
} // FIXME some other encoding?
Bucket b = new
SimpleReadOnlyArrayBucket(buf);
parts.put(name, b);
+ if(logMINOR)
+ Logger.minor(this, "Added as
part: name="+name+" value="+value);
} else {
// get the list of values for this
parameter that were parsed so far
List valueList =
this.getParameterValueList(name);
@@ -356,6 +356,18 @@
}
}
+ public int getIntPart(String name, int defaultValue) {
+ if (!this.isPartSet(name)) {
+ return defaultValue;
+ }
+ String value = this.getPartAsString(name, 32);
+ try {
+ return Integer.parseInt(value);
+ } catch (NumberFormatException e) {
+ return defaultValue;
+ }
+ }
+
// TODO: add similar methods for long, boolean etc.
/**
Modified: trunk/freenet/src/freenet/clients/http/LocalFileInsertToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/LocalFileInsertToadlet.java
2006-11-03 20:00:14 UTC (rev 10811)
+++ trunk/freenet/src/freenet/clients/http/LocalFileInsertToadlet.java
2006-11-03 21:35:28 UTC (rev 10812)
@@ -115,7 +115,7 @@
HTMLNode formNode =
cellNode.addChild("form", new String[] { "action", "method", "accept-charset"
}, new String[] { "/queue/", "post", "utf-8" });
formNode.addChild("input", new
String[] { "type", "name", "value" }, new String[] { "hidden", "formPassword",
core.formPassword });
formNode.addChild("input", new
String[] { "type", "name", "value" }, new String[] { "hidden", "filename",
currentFile.getAbsolutePath() });
- formNode.addChild("input", new
String[] { "type", "name", "value" }, new String[] { "submit", "insert-local",
"Insert" });
+ formNode.addChild("input", new
String[] { "type", "name", "value" }, new String[] { "submit",
"insert-local-file", "Insert" });
fileRow.addChild("td",
currentFile.getName());
fileRow.addChild("td", "class",
"right-align", String.valueOf(currentFile.length()));
} else {
Modified: trunk/freenet/src/freenet/clients/http/PluginToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/PluginToadlet.java 2006-11-03
20:00:14 UTC (rev 10811)
+++ trunk/freenet/src/freenet/clients/http/PluginToadlet.java 2006-11-03
21:35:28 UTC (rev 10812)
@@ -23,6 +23,7 @@
*/
public class PluginToadlet extends Toadlet {
+ private static final int MAX_PLUGIN_NAME_LENGTH = 1024;
/** The plugin manager backing this toadlet. */
private final PluginManager pluginManager;
private final NodeClientCore core;
@@ -81,7 +82,7 @@
return;
}
- String action = httpRequest.getParam("action");
+ String action = httpRequest.getPartAsString("action", 32);
if (action.length() == 0) {
writePermanentRedirect(ctx, "Plugin list",
"?action=list");
return;
@@ -120,7 +121,7 @@
return;
}
- String pass = httpRequest.getParam("formPassword");
+ String pass = httpRequest.getPartAsString("formPassword", 32);
if((pass == null) || !pass.equals(core.formPassword)) {
MultiValueTable headers = new MultiValueTable();
headers.put("Location", "/plugin/");
@@ -128,7 +129,7 @@
return;
}
- String action = httpRequest.getParam("action");
+ String action = httpRequest.getPartAsString("action", 32);
if (action.length() == 0) {
writePermanentRedirect(ctx, "Plugin list",
"?action=list");
return;
@@ -136,7 +137,7 @@
StringBuffer replyBuffer = new StringBuffer();
if ("add".equals(action)) {
- pluginName = httpRequest.getParam("pluginName");
+ pluginName = httpRequest.getPartAsString("pluginName",
MAX_PLUGIN_NAME_LENGTH);
boolean added = false;
try {
pluginManager.addPlugin(pluginName, true);
@@ -149,14 +150,14 @@
}
replyBuffer.append(createBox(ctx, "Plugin was not
loaded", "The plugin you requested could not be loaded. Please verify the name
of the plugin\u2019s class and the URL, if you gave one."));
} else if ("reload".equals(action)) {
- pluginName = httpRequest.getParam("pluginName");
+ pluginName = httpRequest.getPartAsString("pluginName",
MAX_PLUGIN_NAME_LENGTH);
Plugin plugin = findPlugin(pluginName);
pluginManager.removePlugin(plugin, false);
pluginManager.addPlugin(plugin.getClass().getName(),
false);
writePermanentRedirect(ctx, "Plugin list",
"?action=list");
return;
} else if ("unload".equals(action)) {
- pluginName = httpRequest.getParam("pluginName");
+ pluginName = httpRequest.getPartAsString("pluginName",
MAX_PLUGIN_NAME_LENGTH);
Plugin plugin = findPlugin(pluginName);
pluginManager.removePlugin(plugin, true);
writePermanentRedirect(ctx, "Plugin list",
"?action=list");
Modified: trunk/freenet/src/freenet/clients/http/PproxyToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2006-11-03
20:00:14 UTC (rev 10811)
+++ trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2006-11-03
21:35:28 UTC (rev 10812)
@@ -20,6 +20,7 @@
import freenet.support.io.BucketTools;
public class PproxyToadlet extends Toadlet {
+ private static final int MAX_PLUGIN_NAME_LENGTH = 1024;
private final PluginManager pm;
private final NodeClientCore core;
@@ -36,25 +37,11 @@
public void handlePost(URI uri, Bucket data, ToadletContext ctx)
throws ToadletContextClosedException, IOException {
- // FIXME this is archaic! Make it use the direct bucket
constructor!
+ HTTPRequest request = new HTTPRequest(uri, data, ctx);
- if(data.size() > 1024*1024) {
- this.writeReply(ctx, 400, "text/plain", "Too big", "Too
much data, plugin servlet limited to 1MB");
- return;
- }
- byte[] d = BucketTools.toByteArray(data);
- String s = new String(d, "us-ascii");
- HTTPRequest request;
- try {
- request = new HTTPRequest("/", s);
- } catch (URISyntaxException e) {
- Logger.error(this, "Impossible: "+e, e);
- return;
- }
-
MultiValueTable headers = new MultiValueTable();
- String pass = request.getParam("formPassword");
+ String pass = request.getPartAsString("formPassword", 32);
if((pass == null) || !pass.equals(core.formPassword)) {
MultiValueTable hdrs = new MultiValueTable();
headers.put("Location", "/queue/");
@@ -62,49 +49,50 @@
return;
}
- if (request.isParameterSet("load")) {
- pm.startPlugin(request.getParam("load"), true);
+ if (request.isPartSet("load")) {
+ if(Logger.shouldLog(Logger.MINOR, this))
Logger.minor(this, "Loading "+request.getPartAsString("load",
MAX_PLUGIN_NAME_LENGTH));
+ pm.startPlugin(request.getPartAsString("load",
MAX_PLUGIN_NAME_LENGTH), true);
//writeReply(ctx, 200, "text/html", "OK",
mkForwardPage("Loading plugin", "Loading plugin...", ".", 5));
headers.put("Location", ".");
ctx.sendReplyHeaders(302, "Found", headers, null, 0);
return;
- }if (request.isParameterSet("cancel")){
+ }if (request.isPartSet("cancel")){
headers.put("Location", "/plugins/");
ctx.sendReplyHeaders(302, "Found", headers, null, 0);
return;
- }if (request.getParam("unloadconfirm").length() > 0) {
- pm.killPlugin(request.getParam("unloadconfirm"));
+ }if (request.getPartAsString("unloadconfirm",
MAX_PLUGIN_NAME_LENGTH).length() > 0) {
+ pm.killPlugin(request.getPartAsString("unloadconfirm",
MAX_PLUGIN_NAME_LENGTH));
HTMLNode pageNode =
ctx.getPageMaker().getPageNode("Plugins");
HTMLNode contentNode =
ctx.getPageMaker().getContentNode(pageNode);
HTMLNode infobox = contentNode.addChild("div", "class",
"infobox infobox-success");
infobox.addChild("div", "class", "infobox-header",
"Plugin unloaded");
HTMLNode infoboxContent = infobox.addChild("div",
"class", "infobox-content");
- infoboxContent.addChild("#", "The plugin " +
request.getParam("remove") + " has been unloaded.");
+ infoboxContent.addChild("#", "The plugin " +
request.getPartAsString("remove", MAX_PLUGIN_NAME_LENGTH) + " has been
unloaded.");
infoboxContent.addChild("br");
infoboxContent.addChild("a", "href", "/plugins/",
"Return to Plugin page.");
writeReply(ctx, 200, "text/html", "OK",
pageNode.generate());
return;
- }if (request.getParam("unload").length() > 0) {
+ }if (request.getPartAsString("unload",
MAX_PLUGIN_NAME_LENGTH).length() > 0) {
HTMLNode pageNode =
ctx.getPageMaker().getPageNode("Plugins");
HTMLNode contentNode =
ctx.getPageMaker().getContentNode(pageNode);
HTMLNode infobox = contentNode.addChild("div", "class",
"infobox infobox-query");
infobox.addChild("div", "class", "infobox-header",
"Unload plugin?");
HTMLNode infoboxContent = infobox.addChild("div",
"class", "infobox-content");
- infoboxContent.addChild("#", "Are you sure you wish to
unload " + request.getParam("unload") + "?");
+ infoboxContent.addChild("#", "Are you sure you wish to
unload " + request.getPartAsString("unload", MAX_PLUGIN_NAME_LENGTH) + "?");
HTMLNode unloadForm = infoboxContent.addChild("form",
new String[] { "action", "method" }, new String[] { "/plugins/", "post" });
unloadForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "hidden", "formPassword", core.formPassword
});
unloadForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "submit", "cancel", "Cancel" });
- unloadForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "hidden", "unloadconfirm",
request.getParam("unload") });
+ unloadForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "hidden", "unloadconfirm",
request.getPartAsString("unload", MAX_PLUGIN_NAME_LENGTH) });
unloadForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "submit", "confirm", "Unload" });
writeReply(ctx, 200, "text/html", "OK",
pageNode.generate());
return;
- }else if (request.getParam("reload").length() > 0) {
+ }else if (request.getPartAsString("reload",
MAX_PLUGIN_NAME_LENGTH).length() > 0) {
String fn = null;
Iterator it = pm.getPlugins().iterator();
while (it.hasNext()) {
PluginInfoWrapper pi = (PluginInfoWrapper)
it.next();
- if
(pi.getThreadName().equals(request.getParam("reload"))) {
+ if
(pi.getThreadName().equals(request.getPartAsString("reload",
MAX_PLUGIN_NAME_LENGTH))) {
fn = pi.getFilename();
break;
}
@@ -114,7 +102,7 @@
this.sendErrorPage(ctx, 404, "Plugin Not
Found", "The specified plugin could not be located in order to reload it.");
//writeReply(ctx, 200, "text/html", "OK",
mkForwardPage(ctx,"Error", "Plugin not found...", ".", 5));
} else {
- pm.killPlugin(request.getParam("reload"));
+ pm.killPlugin(request.getPartAsString("reload",
MAX_PLUGIN_NAME_LENGTH));
pm.startPlugin(fn, true);
headers.put("Location", ".");
Modified: trunk/freenet/src/freenet/clients/http/QueueToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/QueueToadlet.java 2006-11-03
20:00:14 UTC (rev 10811)
+++ trunk/freenet/src/freenet/clients/http/QueueToadlet.java 2006-11-03
21:35:28 UTC (rev 10812)
@@ -48,6 +48,11 @@
private static final int LIST_TOTAL_SIZE = 10;
private static final int LIST_PROGRESS = 11;
private static final int LIST_REASON = 12;
+
+ private static final int MAX_IDENTIFIER_LENGTH = 1024*1024;
+ private static final int MAX_FILENAME_LENGTH = 1024*1024;
+ private static final int MAX_TYPE_LENGTH = 1024;
+ static final int MAX_KEY_LENGTH = 1024*1024;
private NodeClientCore core;
final FCPServer fcp;
@@ -62,22 +67,20 @@
public void handlePost(URI uri, Bucket data, ToadletContext ctx) throws
ToadletContextClosedException, IOException, RedirectException {
HTTPRequest request = new HTTPRequest(uri, data, ctx);
try {
+ if ((data.size() > 1024 * 1024) &&
(request.getPartAsString("insert", 128).length() == 0)) {
+ this.writeReply(ctx, 400, "text/plain", "Too
big", "Data exceeds 1MB limit");
+ return;
+ }
+
+ // Browse... button
if (request.getPartAsString("insert-local",
128).length() > 0) {
MultiValueTable responseHeaders = new
MultiValueTable();
responseHeaders.put("Location", "/files/");
ctx.sendReplyHeaders(302, "Found",
responseHeaders, null, 0);
return;
- }
-
- if ((data.size() > 1024 * 1024) &&
(request.getPartAsString("insert", 128).length() == 0)) {
- this.writeReply(ctx, 400, "text/plain", "Too
big", "Data exceeds 1MB limit");
- return;
- }
-
- String pass = request.getParam("formPassword");
- if (pass.length() == 0) {
- pass = request.getPartAsString("formPassword",
128);
- }
+ }
+
+ String pass = request.getPartAsString("formPassword",
32);
if ((pass.length() == 0) ||
!pass.equals(core.formPassword)) {
MultiValueTable headers = new MultiValueTable();
headers.put("Location", "/queue/");
@@ -87,8 +90,8 @@
boolean logMINOR = Logger.shouldLog(Logger.MINOR, this);
- if(request.isParameterSet("remove_request") &&
(request.getParam("remove_request").length() > 0)) {
- String identifier =
request.getParam("identifier");
+ if(request.isPartSet("remove_request") &&
(request.getPartAsString("remove_request", 32).length() > 0)) {
+ String identifier =
request.getPartAsString("identifier", MAX_IDENTIFIER_LENGTH);
if(logMINOR) Logger.minor(this, "Removing
"+identifier);
try {
fcp.removeGlobalRequest(identifier);
@@ -97,8 +100,8 @@
}
writePermanentRedirect(ctx, "Done", "/queue/");
return;
- } else if(request.isParameterSet("restart_request") &&
(request.getParam("restart_request").length() > 0)) {
- String identifier =
request.getParam("identifier");
+ } else if(request.isPartSet("restart_request") &&
(request.getPartAsString("restart_request", 32).length() > 0)) {
+ String identifier =
request.getPartAsString("identifier", MAX_IDENTIFIER_LENGTH);
if(logMINOR) Logger.minor(this, "Restarting
"+identifier);
ClientRequest[] clientRequests =
fcp.getGlobalRequests();
for (int requestIndex = 0, requestCount =
clientRequests.length; requestIndex < requestCount; requestIndex++) {
@@ -111,7 +114,7 @@
}
writePermanentRedirect(ctx, "Done", "/queue/");
return;
- } else if(request.isParameterSet("remove_AllRequests")
&& (request.getParam("remove_AllRequests").length() > 0)) {
+ } else if(request.isPartSet("remove_AllRequests") &&
(request.getPartAsString("remove_AllRequests", 32).length() > 0)) {
ClientRequest[] reqs = fcp.getGlobalRequests();
if(logMINOR) Logger.minor(this, "Request count:
"+reqs.length);
@@ -127,31 +130,31 @@
}
writePermanentRedirect(ctx, "Done", "/queue/");
return;
- }else if(request.isParameterSet("download")) {
+ }else if(request.isPartSet("download")) {
// Queue a download
- if(!request.isParameterSet("key")) {
+ if(!request.isPartSet("key")) {
writeError("No key specified to
download", "You did not specify a key to download.", ctx);
return;
}
String expectedMIMEType = null;
- if(request.isParameterSet("type")) {
- expectedMIMEType =
request.getParam("type");
+ if(request.isPartSet("type")) {
+ expectedMIMEType =
request.getPartAsString("type", MAX_TYPE_LENGTH);
}
FreenetURI fetchURI;
try {
- fetchURI = new
FreenetURI(request.getParam("key"));
+ fetchURI = new
FreenetURI(request.getPartAsString("key", MAX_KEY_LENGTH));
} catch (MalformedURLException e) {
writeError("Invalid URI to download",
"The URI is invalid and can not be downloaded.", ctx);
return;
}
- String persistence =
request.getParam("persistence");
- String returnType =
request.getParam("return-type");
+ String persistence =
request.getPartAsString("persistence", 32);
+ String returnType =
request.getPartAsString("return-type", 32);
fcp.makePersistentGlobalRequest(fetchURI,
expectedMIMEType, persistence, returnType);
writePermanentRedirect(ctx, "Done", "/queue/");
return;
- } else if (request.isParameterSet("change_priority")) {
- String identifier =
request.getParam("identifier");
- short newPriority =
Short.parseShort(request.getParam("priority"));
+ } else if (request.isPartSet("change_priority")) {
+ String identifier =
request.getPartAsString("identifier", MAX_IDENTIFIER_LENGTH);
+ short newPriority =
Short.parseShort(request.getPartAsString("priority", 32));
ClientRequest[] clientRequests =
fcp.getGlobalRequests();
for (int requestIndex = 0, requestCount =
clientRequests.length; requestIndex < requestCount; requestIndex++) {
ClientRequest clientRequest =
clientRequests[requestIndex];
@@ -201,13 +204,15 @@
}
writePermanentRedirect(ctx, "Done", "/queue/");
return;
- } else if (request.isParameterSet("insert-local")) {
- String filename = request.getParam("filename");
+ } else if (request.isPartSet("insert-local-file")) {
+ String filename =
request.getPartAsString("filename", MAX_FILENAME_LENGTH);
+ if(logMINOR) Logger.minor(this, "Inserting
local file: "+filename);
File file = new File(filename);
String identifier = file.getName() + "-fred-" +
System.currentTimeMillis();
String contentType =
DefaultMIMETypes.guessMIMEType(filename, false);
try {
ClientPut clientPut = new
ClientPut(fcp.getGlobalClient(), new FreenetURI("CHK@"), identifier,
Integer.MAX_VALUE, RequestStarter.BULK_SPLITFILE_PRIORITY_CLASS,
ClientRequest.PERSIST_FOREVER, null, false, false, -1,
ClientPutMessage.UPLOAD_FROM_DISK, file, contentType, new FileBucket(file,
true, false, false, false), null, file.getName(), false);
+ if(logMINOR) Logger.minor(this,
"Started global request to insert "+file+" to CHK@ as "+identifier);
clientPut.start();
fcp.forceStorePersistentRequests();
} catch (IdentifierCollisionException e) {
@@ -215,8 +220,8 @@
}
writePermanentRedirect(ctx, "Done", "/queue/");
return;
- } else if (request.isParameterSet("get")) {
- String identifier =
request.getParam("identifier");
+ } else if (request.isPartSet("get")) {
+ String identifier =
request.getPartAsString("identifier", MAX_IDENTIFIER_LENGTH);
ClientRequest[] clientRequests =
fcp.getGlobalRequests();
for (int requestIndex = 0, requestCount =
clientRequests.length; requestIndex < requestCount; requestIndex++) {
ClientRequest clientRequest =
clientRequests[requestIndex];
@@ -226,7 +231,7 @@
if
(clientGet.hasSucceeded()) {
Bucket
dataBucket = clientGet.getBucket();
if (dataBucket
!= null) {
- String
forceDownload = request.getParam("forceDownload");
+ String
forceDownload = request.getPartAsString("forceDownload", 32);
if
(forceDownload.length() > 0) {
long forceDownloadTime = Long.parseLong(forceDownload);
if ((System.currentTimeMillis() - forceDownloadTime) > 60 * 1000) {
Modified: trunk/freenet/src/freenet/clients/http/StatisticsToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/StatisticsToadlet.java
2006-11-03 20:00:14 UTC (rev 10811)
+++ trunk/freenet/src/freenet/clients/http/StatisticsToadlet.java
2006-11-03 21:35:28 UTC (rev 10812)
@@ -98,7 +98,6 @@
// Generate a Thread-Dump
if(node.isUsingWrapper()){
HTMLNode infobox =
contentNode.addChild(ctx.getPageMaker().getInfobox("Request a Thread Dump to be
generated"));
- // Yes, we want it to be a GET so that we can use
external tools to trigger it.
HTMLNode threadDumpForm =
ctx.getPageMaker().getContentNode(infobox).addChild("form", new String[] {
"action", "method" }, new String[] { "/", "POST" });
threadDumpForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "hidden", "formPassword", core.formPassword
});
threadDumpForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "submit", "getThreadDump", "Generate a Thread
Dump" });
Modified: trunk/freenet/src/freenet/clients/http/WelcomeToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/WelcomeToadlet.java 2006-11-03
20:00:14 UTC (rev 10811)
+++ trunk/freenet/src/freenet/clients/http/WelcomeToadlet.java 2006-11-03
21:35:28 UTC (rev 10812)
@@ -30,6 +30,9 @@
public class WelcomeToadlet extends Toadlet {
private final static int MODE_ADD = 1;
private final static int MODE_EDIT = 2;
+ private static final int MAX_URL_LENGTH = 1024 * 1024;
+ private static final int MAX_KEY_LENGTH = QueueToadlet.MAX_KEY_LENGTH;
+ private static final int MAX_NAME_LENGTH = 1024 * 1024;
NodeClientCore core;
Node node;
SubConfig config;
@@ -51,9 +54,17 @@
}
HTTPRequest request = new HTTPRequest(uri,data,ctx);
- if(request==null) return;
+
+ String passwd = request.getPartAsString("formPassword", 32);
+ if((passwd == null) || !passwd.equals(core.formPassword)) {
+ MultiValueTable headers = new MultiValueTable();
+ headers.put("Location", "/");
+ ctx.sendReplyHeaders(302, "Found", headers, null, 0);
+ if(Logger.shouldLog(Logger.MINOR, this))
Logger.minor(this, "No password ("+passwd+" should be "+core.formPassword+")");
+ return;
+ }
- if(request.getParam("updateconfirm").length() > 0){
+ if(request.getPartAsString("updateconfirm", 32).length() > 0){
// false for no navigation bars, because that would be
very silly
HTMLNode pageNode =
ctx.getPageMaker().getPageNode("Node updating");
HTMLNode contentNode =
ctx.getPageMaker().getContentNode(pageNode);
@@ -66,16 +77,15 @@
node.ps.queueTimedJob(new Runnable() {
public void run() {
node.getNodeUpdater().Update(); }}, 0);
return;
- }else if
(request.getParam(GenericReadFilterCallback.magicHTTPEscapeString).length()>0){
- String pass = request.getParam("formPassword");
+ }else if
(request.getPartAsString(GenericReadFilterCallback.magicHTTPEscapeString,
MAX_URL_LENGTH).length()>0){
MultiValueTable headers = new MultiValueTable();
String url = null;
- if(((pass != null) && pass.equals(core.formPassword))
&& request.getParam("Go").length() > 0)
- url =
request.getParam(GenericReadFilterCallback.magicHTTPEscapeString);
+ if((request.getPartAsString("Go", 32).length() > 0))
+ url =
request.getPartAsString(GenericReadFilterCallback.magicHTTPEscapeString,
MAX_URL_LENGTH);
headers.put("Location", url==null ? "/" : url);
ctx.sendReplyHeaders(302, "Found", headers, null, 0);
return;
- }else if (request.getParam("update").length() > 0) {
+ }else if (request.getPartAsString("update", 32).length() > 0) {
HTMLNode pageNode =
ctx.getPageMaker().getPageNode("Node Update");
HTMLNode contentNode =
ctx.getPageMaker().getContentNode(pageNode);
HTMLNode infobox =
contentNode.addChild(ctx.getPageMaker().getInfobox("infobox-query", "Node
Update"));
@@ -84,11 +94,10 @@
HTMLNode updateForm =
content.addChild("p").addChild("form", new String[] { "action", "method" }, new
String[] { "/", "post" });
updateForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "submit", "cancel", "Cancel" });
updateForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "submit", "updateconfirm", "Update" });
+ updateForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "hidden", "formPassword", core.formPassword
});
writeReply(ctx, 200, "text/html", "OK",
pageNode.generate());
return;
- }else if(request.isParameterSet("getThreadDump")) {
- String pass = request.getParam("formPassword");
- if(!pass.equals(core.formPassword)) return;
+ }else if(request.isPartSet("getThreadDump")) {
HTMLNode pageNode = ctx.getPageMaker().getPageNode("Get
a Thread Dump");
HTMLNode contentNode =
ctx.getPageMaker().getContentNode(pageNode);
if(node.isUsingWrapper()){
@@ -102,11 +111,13 @@
}
this.writeReply(ctx, 200, "text/html", "OK",
pageNode.generate());
return;
- }else if (request.isParameterSet("addbookmark")) {
+ }else if (request.isPartSet("addbookmark")) {
+ String key = request.getPartAsString("key",
MAX_KEY_LENGTH);
+ String name = request.getPartAsString("name",
MAX_NAME_LENGTH);
try {
- bookmarks.addBookmark(new
Bookmark(request.getParam("key"), request.getParam("name")), true);
+ bookmarks.addBookmark(new Bookmark(key, name),
true);
} catch (MalformedURLException mue) {
- this.sendBookmarkEditPage(ctx, MODE_ADD, null,
request.getParam("key"), request.getParam("name"), "Given key does not appear
to be a valid Freenet key.");
+ this.sendBookmarkEditPage(ctx, MODE_ADD, null,
key, name, "Given key does not appear to be a valid Freenet key.");
return;
}
@@ -115,24 +126,26 @@
} catch (URISyntaxException ex) {
}
- } else if (request.isParameterSet("managebookmarks")) {
+ } else if (request.isPartSet("managebookmarks")) {
Enumeration e = bookmarks.getBookmarks();
while (e.hasMoreElements()) {
Bookmark b = (Bookmark)e.nextElement();
- if
(request.isParameterSet("delete_"+b.hashCode())) {
+ if (request.isPartSet("delete_"+b.hashCode())) {
bookmarks.removeBookmark(b, true);
- } else if
(request.isParameterSet("edit_"+b.hashCode())) {
+ } else if
(request.isPartSet("edit_"+b.hashCode())) {
this.sendBookmarkEditPage(ctx, b);
return;
- } else if
(request.isParameterSet("update_"+b.hashCode())) {
+ } else if
(request.isPartSet("update_"+b.hashCode())) {
// removing it and adding means that
any USK subscriptions are updated properly
+ String key =
request.getPartAsString("key", MAX_KEY_LENGTH);
+ String name =
request.getPartAsString("name", MAX_NAME_LENGTH);
try {
- Bookmark newbkmk = new
Bookmark(request.getParam("key"), request.getParam("name"));
+ Bookmark newbkmk = new
Bookmark(key, name);
bookmarks.removeBookmark(b,
false);
bookmarks.addBookmark(newbkmk,
true);
} catch (MalformedURLException mue) {
- this.sendBookmarkEditPage(ctx,
MODE_EDIT, b, request.getParam("key"), request.getParam("name"), "Given key
does not appear to be a valid freenet key.");
+ this.sendBookmarkEditPage(ctx,
MODE_EDIT, b, key, name, "Given key does not appear to be a valid freenet
key.");
return;
}
try {
@@ -147,10 +160,10 @@
} catch (URISyntaxException ex) {
return;
}
- }else if(request.isParameterSet("disable")){
+ }else if(request.isPartSet("disable")){
UserAlert[] alerts=core.alerts.getAlerts();
for(int i=0;i<alerts.length;i++){
-
if(request.getIntParam("disable")==alerts[i].hashCode()){
+
if(request.getIntPart("disable",-1)==alerts[i].hashCode()){
UserAlert alert = alerts[i];
// Won't be dismissed if it's not
allowed anyway
if(alert.userCanDismiss() &&
alert.shouldUnregisterOnDismiss()) {
@@ -278,14 +291,8 @@
writeReply(ctx, 200, "text/html", "OK",
pageNode.generate());
request.freeParts();
bucket.free();
- }else if (request.isParameterSet("shutdownconfirm")) {
+ }else if (request.isPartSet("shutdownconfirm")) {
// Tell the user that the node is shutting down
- if(!(request.isParameterSet("formPassword")) ||
!(core.formPassword.equals(request.getParam("formPassword")))){
- MultiValueTable headers = new MultiValueTable();
- headers.put("Location", "/");
- ctx.sendReplyHeaders(302, "Found", headers,
null, 0);
- return;
- }
HTMLNode pageNode =
ctx.getPageMaker().getPageNode("Node Shutdown", false);
HTMLNode contentNode =
ctx.getPageMaker().getContentNode(pageNode);
HTMLNode infobox =
contentNode.addChild(ctx.getPageMaker().getInfobox("infobox-information", "The
Freenet node has been successfully shut down."));
@@ -294,14 +301,8 @@
writeReply(ctx, 200, "text/html; charset=utf-8", "OK",
pageNode.generate());
this.node.exit("Shutdown from fproxy");
return;
- }else if(request.isParameterSet("restartconfirm")){
+ }else if(request.isPartSet("restartconfirm")){
// Tell the user that the node is restarting
- if(!(request.isParameterSet("formPassword")) ||
!(core.formPassword.equals(request.getParam("formPassword")))){
- MultiValueTable headers = new MultiValueTable();
- headers.put("Location", "/");
- ctx.sendReplyHeaders(302, "Found", headers,
null, 0);
- return;
- }
HTMLNode pageNode =
ctx.getPageMaker().getPageNode("Node Restart", false);
HTMLNode contentNode =
ctx.getPageMaker().getContentNode(pageNode);
HTMLNode infobox =
contentNode.addChild(ctx.getPageMaker().getInfobox("infobox-information", "The
Freenet is being restarted."));
@@ -329,6 +330,7 @@
addForm.addChild("br");
addForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "hidden", "key",
request.getParam("newbookmark") });
addForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "text", "name", request.getParam("desc") });
+ addForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "hidden", "formPassword", core.formPassword
});
addForm.addChild("input", new String[] { "type",
"name", "value" }, new String[] { "submit", "addbookmark", "Add bookmark" });
this.writeReply(ctx, 200, "text/html", "OK",
pageNode.generate());
return;
