remm02/04/23 08:17:26
Modified:webapps/examples/WEB-INF/classes CookieExample.java
RequestHeaderExample.java RequestInfoExample.java
RequestParamExample.java SessionExample.java
webapps/examples/jsp/cal cal1.jsp
webapps/examples/jsp/checkbox checkresult.jsp
webapps/examples/jsp/sessions carts.jsp
webapps/examples/jsp/snp snoop.jsp
Added: webapps/examples/WEB-INF/classes/util HTMLFilter.java
Removed: webapps/examples/WEB-INF/classes SnoopServlet.java
TroubleShooter.java
Log:
- Fix all the cross-site scripting vulnerabilities I could find.
- Remove the two servlets which were exposing path information.
- Obviously, the examples webapp should be removed before putting
Tomcat in production anyway.
Revision ChangesPath
1.3 +12 -7
jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/CookieExample.java
Index: CookieExample.java
===
RCS file:
/home/cvs/jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/CookieExample.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- CookieExample.java11 Jun 2001 22:49:11 - 1.2
+++ CookieExample.java23 Apr 2002 15:17:25 - 1.3
@@ -1,4 +1,4 @@
-/* $Id: CookieExample.java,v 1.2 2001/06/11 22:49:11 craigmcc Exp $
+/* $Id: CookieExample.java,v 1.3 2002/04/23 15:17:25 remm Exp $
*
*/
@@ -8,6 +8,8 @@
import javax.servlet.*;
import javax.servlet.http.*;
+import util.HTMLFilter;
+
/**
* Example servlet showing request headers
*
@@ -54,9 +56,11 @@
out.println(rb.getString(cookies.cookies) + br);
for (int i = 0; i cookies.length; i++) {
Cookie cookie = cookies[i];
-out.print(Cookie Name: + cookie.getName() + br);
-out.println( Cookie Value: + cookie.getValue() +
- brbr);
+out.print(Cookie Name: + HTMLFilter.filter(cookie.getName())
+ + br);
+out.println( Cookie Value:
++ HTMLFilter.filter(cookie.getValue())
++ brbr);
}
} else {
out.println(rb.getString(cookies.no-cookies));
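Review bot: The filtering added to the cookie name and cookie value lines covers the HTML text context these `out.print` calls write into, but HTMLFilter.java is added by this commit and not shown here, so whether it also escapes the quote characters required inside an attribute value cannot be confirmed from this hunk. A comment on the loop would keep a later edit from reusing the filtered string inside an `href` or `value` attribute: `// filtered for HTML text context only; confirm HTMLFilter handles quotes before reusing the result in an attribute`. The `rb.getString(...)` strings come from the resource bundle rather than the request, so leaving them unfiltered is correct. The enclosing method begins before this hunk.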
@@ -69,9 +73,10 @@
response.addCookie(cookie);
out.println(P);
out.println(rb.getString(cookies.set) + br);
-out.print(rb.getString(cookies.name) ++ cookieName +
- br);
-out.print(rb.getString(cookies.value) ++ cookieValue);
+out.print(rb.getString(cookies.name) +
+ + HTMLFilter.filter(cookieName) + br);
+out.print(rb.getString(cookies.value) +
+ + HTMLFilter.filter(cookieValue));
}
out.println(P);
1.2 +8 -3
jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/RequestHeaderExample.java
Index: RequestHeaderExample.java
===
RCS file:
/home/cvs/jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/RequestHeaderExample.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- RequestHeaderExample.java 17 Aug 2000 00:57:53 - 1.1
+++ RequestHeaderExample.java 23 Apr 2002 15:17:25 - 1.2
@@ -1,4 +1,4 @@
-/* $Id: RequestHeaderExample.java,v 1.1 2000/08/17 00:57:53 horwat Exp $
+/* $Id: RequestHeaderExample.java,v 1.2 2002/04/23 15:17:25 remm Exp $
*
*/
@@ -8,6 +8,8 @@
import javax.servlet.*;
import javax.servlet.http.*;
+import util.HTMLFilter;
+
/**
* Example servlet showing request headers
*
@@ -53,8 +55,11 @@
while (e.hasMoreElements()) {
String headerName = (String)e.nextElement();
String headerValue = request.getHeader(headerName);
-out.println(trtd bgcolor=\#CC\ + headerName);
-out.println(/tdtd + headerValue + /td/tr);
+out.println(trtd bgcolor=\#CC\);
+out.println(HTMLFilter.filter(headerName));
+out.println(/tdtd);
+out.println(HTMLFilter.filter(headerValue));
+out.println(/td/tr);
}
out.println(/table);
}
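Review bot: The new code splits one table row across five `out.println` calls, which places line breaks inside each table cell and makes the row harder to read than the two lines it replaces; a single `out.println` concatenating the opening tags, `HTMLFilter.filter(headerName)`, the cell separator, `HTMLFilter.filter(headerValue)` and the closing tags would keep the same escaping with the original shape. Filtering the header name as well as the value, as the hunk does, is the right call, since the name is read from the request's own header enumeration rather than from a fixed list. The enclosing method begins before this hunk.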
1.2 +4 -3
jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/RequestInfoExample.java
Index: RequestInfoExample.java
===
RCS file:
/home/cvs/jakarta-tomcat-4.0/webapps/examples/WEB-INF/classes/RequestInfoExample.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2