Author: toad
Date: 2006-09-07 11:32:14 +0000 (Thu, 07 Sep 2006)
New Revision: 10421
Modified:
trunk/freenet/src/freenet/clients/http/FProxyToadlet.java
trunk/freenet/src/freenet/node/Version.java
Log:
972: Fix "?key=/www.whatismyip.com" bug.
- Probably not exploitable by freesites
- But if you put /<key> in the box, your browser would feed it to google!
Also deploy some not well tested changes which may prevent output flooding.
Modified: trunk/freenet/src/freenet/clients/http/FProxyToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/FProxyToadlet.java 2006-09-06
22:07:31 UTC (rev 10420)
+++ trunk/freenet/src/freenet/clients/http/FProxyToadlet.java 2006-09-07
11:32:14 UTC (rev 10421)
@@ -45,6 +45,15 @@
/** Maximum size for transparent pass-through, should be a config
option */
static final long MAX_LENGTH = 2*1024*1024; // 2MB
+ static final URI welcome;
+ static {
+ try {
+ welcome = new URI("/welcome/");
+ } catch (URISyntaxException e) {
+ throw new Error("Broken URI constructor: "+e, e);
+ }
+ }
+
public FProxyToadlet(HighLevelSimpleClient client, NodeClientCore core)
{
super(client);
client.setMaxLength(MAX_LENGTH);
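Review bot: The static initializer added for `welcome` can be a single line, `static final URI welcome = URI.create("/welcome/");`. `URI.create` is intended for known-good literals and throws an unchecked `IllegalArgumentException`, so the try/catch that rewraps `URISyntaxException` in an `Error` is unnecessary. A one-line comment such as `/** Redirect target when the request has no query string */` would also tell the reader why the constant exists. The enclosing class starts and ends outside this hunk.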
@@ -145,7 +154,16 @@
if (httprequest.isParameterSet("key")) {
MultiValueTable headers = new MultiValueTable();
- headers.put("Location",
"/"+httprequest.getParam("key"));
+ String k = httprequest.getParam("key");
+ FreenetURI newURI;
+ try {
+ newURI = new FreenetURI(k);
+ } catch (MalformedURLException e) {
+ sendErrorPage(ctx, 404, "Not found",
"Invalid key");
+ return;
+ }
+
+ headers.put("Location", "/"+newURI);
ctx.sendReplyHeaders(302, "Found", headers,
null, 0);
return;
}
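Review bot: The value passed to `headers.put("Location", "/"+newURI)` still originates from the request, and its safety rests entirely on what `FreenetURI`'s constructor rejects and what its `toString()` emits, neither of which is visible here. If a parsed key can render with a leading `/` or `\`, or carry CR/LF or other unencoded characters, the 302 could again point off-node or break the header. Consider checking the built string before sending, e.g. `String loc = "/" + newURI; if (loc.startsWith("//") || loc.startsWith("/\\") || loc.indexOf('\r') >= 0 || loc.indexOf('\n') >= 0) { sendErrorPage(ctx, 400, "Bad request", "Invalid key"); return; }`, and confirm that the path is percent-encoded. A 400 would also describe a malformed `key` parameter better than the 404 used in the catch block. The enclosing handler method starts and ends outside the hunk.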
@@ -155,7 +173,7 @@
String querystring = uri.getQuery();
if (querystring == null) {
- re.newuri = new URI("/welcome/");
+ re.newuri = welcome;
} else {
// TODP possibly a proper URLEncode
method
querystring = querystring.replace(' ',
'+');
Modified: trunk/freenet/src/freenet/node/Version.java
===================================================================
--- trunk/freenet/src/freenet/node/Version.java 2006-09-06 22:07:31 UTC (rev
10420)
+++ trunk/freenet/src/freenet/node/Version.java 2006-09-07 11:32:14 UTC (rev
10421)
@@ -21,7 +21,7 @@
public static final String protocolVersion = "1.0";
/** The build number of the current revision */
- private static final int buildNumber = 971;
+ private static final int buildNumber = 972;
/** Oldest build of Fred we will talk to */
private static final int oldLastGoodBuild = 950;