Author: nextgens
Date: 2007-03-22 01:19:35 +0000 (Thu, 22 Mar 2007)
New Revision: 12270
Modified:
trunk/freenet/src/freenet/clients/http/filter/GenericReadFilterCallback.java
Log:
Remove some dead code and enforce a security check
Modified:
trunk/freenet/src/freenet/clients/http/filter/GenericReadFilterCallback.java
===================================================================
---
trunk/freenet/src/freenet/clients/http/filter/GenericReadFilterCallback.java
2007-03-22 01:08:35 UTC (rev 12269)
+++
trunk/freenet/src/freenet/clients/http/filter/GenericReadFilterCallback.java
2007-03-22 01:19:35 UTC (rev 12270)
@@ -51,15 +51,7 @@
throw new Error(e);
}
}
-
- public boolean allowGetForms() {
- return false;
- }
- public boolean allowPostForms() {
- return false;
- }
-
public String processURI(String u, String overrideType) throws
CommentException {
return processURI(u, overrideType, false);
}
@@ -254,7 +246,7 @@
String path = uri.getPath();
if(path.startsWith(PLUGINS_PREFIX)) {
String after =
path.substring(PLUGINS_PREFIX.length());
- if(after.indexOf("/../") > -1)
+ if(after.indexOf("../") > -1)
throw new CommentException("Attempt to
escape directory structure");
if(after.matches("[A-Za-z0-9\\.]+"))
return uri.toASCIIString();
