Author: jalkanen
Date: Wed Apr  9 13:01:06 2008
New Revision: 646507

URL: http://svn.apache.org/viewvc?rev=646507&view=rev
Log:
Hacking attempts at manipulating the version parameter no longer cause a slew 
of email to the admin...

Modified:
    incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/ui/CommandResolver.java

Modified: incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/ui/CommandResolver.java
URL: 
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/ui/CommandResolver.java?rev=646507&r1=646506&r2=646507&view=diff
==============================================================================
--- incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/ui/CommandResolver.java 
(original)
+++ incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/ui/CommandResolver.java Wed 
Apr  9 13:01:06 2008
@@ -491,7 +491,16 @@
 
         if ( rev != null )
         {
-            version = Integer.parseInt( rev );
+            try
+            {
+                version = Integer.parseInt( rev );
+            }
+            catch( NumberFormatException e )
+            {
+                // This happens a lot with bots or other guys who are trying
+                // to test if we are vulnerable to e.g. XSS attacks.  We catch
+                // it here so that the admin does not get tons of mail.
+            }
         }
 
         wikipage = m_engine.getPage( page, version );
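Review bot: The new catch block in the `rev != null` branch is empty, so a malformed `rev` leaves `version` at whatever it was initialised to above this hunk, and `m_engine.getPage( page, version )` then runs with that value. The initialisation is not visible here, so the fallback depends on code a reader cannot see. Assign the intended fallback explicitly inside the catch so the behaviour is clear at this spot. Also consider a debug-level log line that records the rejected parameter, with the value encoded or truncated before it is written, so probing stays visible in the logs without generating admin mail. Note that `Integer.parseInt( rev )` still accepts negative numbers, and no range check on `version` appears before the `getPage` call. If negative versions are not meaningful to `getPage`, reject them in the same place.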

