Thanks for fixing this, Ralph!
Cheers, Hari On Monday, June 24, 2013 at 2:28 PM, [email protected] wrote: > Author: rgoers > Date: Mon Jun 24 21:28:46 2013 > New Revision: 867285 > > Log: > Fix Javadoc security issues > > Modified: > websites/production/flume/content/releases/content/1.0.0-incubating/apidocs/index.html > websites/production/flume/content/releases/content/1.1.0-incubating/apidocs/index.html > websites/production/flume/content/releases/content/1.2.0/apidocs/index.html > websites/production/flume/content/releases/content/1.3.0/apidocs/index.html > websites/production/flume/content/releases/content/1.3.1/apidocs/index.html > > Modified: > websites/production/flume/content/releases/content/1.0.0-incubating/apidocs/index.html > ============================================================================== > --- > websites/production/flume/content/releases/content/1.0.0-incubating/apidocs/index.html > (original) > +++ > websites/production/flume/content/releases/content/1.0.0-incubating/apidocs/index.html > Mon Jun 24 21:28:46 2013 > @@ -13,6 +13,42 @@ Apache Flume 1.0.0-incubating API > targetPage = targetPage.substring(1); > if (targetPage.indexOf(":") != -1) > targetPage = "undefined"; > + if (targetPage != "" && !validURL(targetPage)) > + targetPage = "undefined"; > + function validURL(url) { > + var pos = url.indexOf(".html"); > + if (pos == -1 || pos != url.length - 5) > + return false; > + var allowNumber = false; > + var allowSep = false; > + var seenDot = false; > + for (var i = 0; i < url.length - 5; i++) { > + var ch = url.charAt(i); > + if ('a' <= ch && ch <= 'z' || > + 'A' <= ch && ch <= 'Z' || > + ch == '$' || > + ch == '_') { > + allowNumber = true; > + allowSep = true; > + } else if ('0' <= ch && ch <= '9' > + || ch == '-') { > + if (!allowNumber) > + return false; > + } else if (ch == '/' || ch == '.') { > + if (!allowSep) > + return false; > + allowNumber = false; > + allowSep = false; > + if (ch == '.') > + seenDot = true; > + if (ch == '/' && seenDot) > + return false; > + } else { > + return false; > + } > + } > + return true; > + } > function loadFrames() { > if (targetPage != "" && targetPage != "undefined") > top.classFrame.location = top.targetPage; > > Modified: > websites/production/flume/content/releases/content/1.1.0-incubating/apidocs/index.html > ============================================================================== > --- > websites/production/flume/content/releases/content/1.1.0-incubating/apidocs/index.html > (original) > +++ > websites/production/flume/content/releases/content/1.1.0-incubating/apidocs/index.html > Mon Jun 24 21:28:46 2013 > @@ -13,6 +13,42 @@ Apache Flume 1.1.0-incubating API > targetPage = targetPage.substring(1); > if (targetPage.indexOf(":") != -1) > targetPage = "undefined"; > + if (targetPage != "" && !validURL(targetPage)) > + targetPage = "undefined"; > + function validURL(url) { > + var pos = url.indexOf(".html"); > + if (pos == -1 || pos != url.length - 5) > + return false; > + var allowNumber = false; > + var allowSep = false; > + var seenDot = false; > + for (var i = 0; i < url.length - 5; i++) { > + var ch = url.charAt(i); > + if ('a' <= ch && ch <= 'z' || > + 'A' <= ch && ch <= 'Z' || > + ch == '$' || > + ch == '_') { > + allowNumber = true; > + allowSep = true; > + } else if ('0' <= ch && ch <= '9' > + || ch == '-') { > + if (!allowNumber) > + return false; > + } else if (ch == '/' || ch == '.') { > + if (!allowSep) > + return false; > + allowNumber = false; > + allowSep = false; > + if (ch == '.') > + seenDot = true; > + if (ch == '/' && seenDot) > + return false; > + } else { > + return false; > + } > + } > + return true; > + } > function loadFrames() { > if (targetPage != "" && targetPage != "undefined") > top.classFrame.location = top.targetPage; > > Modified: > websites/production/flume/content/releases/content/1.2.0/apidocs/index.html > ============================================================================== > --- > websites/production/flume/content/releases/content/1.2.0/apidocs/index.html > (original) > +++ > websites/production/flume/content/releases/content/1.2.0/apidocs/index.html > Mon Jun 24 21:28:46 2013 > @@ -13,6 +13,42 @@ Apache Flume 1.2.0 API > targetPage = targetPage.substring(1); > if (targetPage.indexOf(":") != -1) > targetPage = "undefined"; > + if (targetPage != "" && !validURL(targetPage)) > + targetPage = "undefined"; > + function validURL(url) { > + var pos = url.indexOf(".html"); > + if (pos == -1 || pos != url.length - 5) > + return false; > + var allowNumber = false; > + var allowSep = false; > + var seenDot = false; > + for (var i = 0; i < url.length - 5; i++) { > + var ch = url.charAt(i); > + if ('a' <= ch && ch <= 'z' || > + 'A' <= ch && ch <= 'Z' || > + ch == '$' || > + ch == '_') { > + allowNumber = true; > + allowSep = true; > + } else if ('0' <= ch && ch <= '9' > + || ch == '-') { > + if (!allowNumber) > + return false; > + } else if (ch == '/' || ch == '.') { > + if (!allowSep) > + return false; > + allowNumber = false; > + allowSep = false; > + if (ch == '.') > + seenDot = true; > + if (ch == '/' && seenDot) > + return false; > + } else { > + return false; > + } > + } > + return true; > + } > function loadFrames() { > if (targetPage != "" && targetPage != "undefined") > top.classFrame.location = top.targetPage; > > Modified: > websites/production/flume/content/releases/content/1.3.0/apidocs/index.html > ============================================================================== > --- > websites/production/flume/content/releases/content/1.3.0/apidocs/index.html > (original) > +++ > websites/production/flume/content/releases/content/1.3.0/apidocs/index.html > Mon Jun 24 21:28:46 2013 > @@ -13,6 +13,42 @@ Apache Flume 1.3.0 API > targetPage = targetPage.substring(1); > if (targetPage.indexOf(":") != -1) > targetPage = "undefined"; > + if (targetPage != "" && !validURL(targetPage)) > + targetPage = "undefined"; > + function validURL(url) { > + var pos = url.indexOf(".html"); > + if (pos == -1 || pos != url.length - 5) > + return false; > + var allowNumber = false; > + var allowSep = false; > + var seenDot = false; > + for (var i = 0; i < url.length - 5; i++) { > + var ch = url.charAt(i); > + if ('a' <= ch && ch <= 'z' || > + 'A' <= ch && ch <= 'Z' || > + ch == '$' || > + ch == '_') { > + allowNumber = true; > + allowSep = true; > + } else if ('0' <= ch && ch <= '9' > + || ch == '-') { > + if (!allowNumber) > + return false; > + } else if (ch == '/' || ch == '.') { > + if (!allowSep) > + return false; > + allowNumber = false; > + allowSep = false; > + if (ch == '.') > + seenDot = true; > + if (ch == '/' && seenDot) > + return false; > + } else { > + return false; > + } > + } > + return true; > + } > function loadFrames() { > if (targetPage != "" && targetPage != "undefined") > top.classFrame.location = top.targetPage; > > Modified: > websites/production/flume/content/releases/content/1.3.1/apidocs/index.html > ============================================================================== > --- > websites/production/flume/content/releases/content/1.3.1/apidocs/index.html > (original) > +++ > websites/production/flume/content/releases/content/1.3.1/apidocs/index.html > Mon Jun 24 21:28:46 2013 > @@ -13,6 +13,42 @@ Apache Flume 1.3.1 API > targetPage = targetPage.substring(1); > if (targetPage.indexOf(":") != -1) > targetPage = "undefined"; > + if (targetPage != "" && !validURL(targetPage)) > + targetPage = "undefined"; > + function validURL(url) { > + var pos = url.indexOf(".html"); > + if (pos == -1 || pos != url.length - 5) > + return false; > + var allowNumber = false; > + var allowSep = false; > + var seenDot = false; > + for (var i = 0; i < url.length - 5; i++) { > + var ch = url.charAt(i); > + if ('a' <= ch && ch <= 'z' || > + 'A' <= ch && ch <= 'Z' || > + ch == '$' || > + ch == '_') { > + allowNumber = true; > + allowSep = true; > + } else if ('0' <= ch && ch <= '9' > + || ch == '-') { > + if (!allowNumber) > + return false; > + } else if (ch == '/' || ch == '.') { > + if (!allowSep) > + return false; > + allowNumber = false; > + allowSep = false; > + if (ch == '.') > + seenDot = true; > + if (ch == '/' && seenDot) > + return false; > + } else { > + return false; > + } > + } > + return true; > + } > function loadFrames() { > if (targetPage != "" && targetPage != "undefined") > top.classFrame.location = top.targetPage; > >
