Author: mcucchiara Date: Thu Mar 24 08:11:57 2011 New Revision: 1084872 URL: http://svn.apache.org/viewvc?rev=1084872&view=rev Log: WW-3597 - XSS vulnerability in javatemplates plugin (thanks Gareth Faires)
Modified:
struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/FileHandler.java
struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/HiddenHandler.java
struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/PasswordHandler.java
struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/RadioHandler.java
struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/ResetHandler.java
struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SelectHandler.java
struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SubmitHandler.java
struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/TextFieldHandler.java
Modified: struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/FileHandler.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/FileHandler.java?rev=1084872&r1=1084871&r2=1084872&view=diff
==============================================================================
--- struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/FileHandler.java (original)
+++ struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/FileHandler.java Thu Mar 24 08:11:57 2011
@@ -35,7 +35,7 @@ public class FileHandler extends Abstrac
 a.addDefaultToEmpty("name", params.get("name"))
 .add("type", "file")
 .addIfExists("size", params.get("size"))
- .addIfExists("value", params.get("nameValue"), false)
+ .addIfExists("value", params.get("nameValue"))
 .addIfTrue("disabled", params.get("disabled"))
 .addIfExists("accept", params.get("accept"))
 .addIfExists("tabindex", params.get("tabindex"))
Modified: struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/HiddenHandler.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/HiddenHandler.java?rev=1084872&r1=1084871&r2=1084872&view=diff
==============================================================================
--- struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/HiddenHandler.java (original)
+++ struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/HiddenHandler.java Thu Mar 24 08:11:57 2011
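Review bot: The fix at the changed `value` line relies on the two-argument `addIfExists` overload HTML-encoding its value by default, and nothing in this hunk or elsewhere in the commit shows that default or pins it with a test; the dropped third argument `false` looks like an explicit opt-out from encoding, so the change is only a fix if the overload's default really is encode-on. I would add a regression test for the simple theme that renders a file tag whose `nameValue` is something like `"><script>alert(1)</script>` and asserts the emitted `value` attribute contains no raw `"` or `<`. That test would also document the contract future handler changes must keep. The enclosing method starts and ends outside the hunk.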
@@ -34,7 +34,7 @@ public class HiddenHandler extends Abstr
 a.addDefaultToEmpty("name", params.get("name"))
 .add("type", "hidden")
- .addIfExists("value", params.get("nameValue"), false)
+ .addIfExists("value", params.get("nameValue"))
 .addIfTrue("disabled", params.get("disabled"))
 .addIfExists("id", params.get("id"))
 .addIfExists("class", params.get("cssClass"))
Modified: struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/PasswordHandler.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/PasswordHandler.java?rev=1084872&r1=1084871&r2=1084872&view=diff
==============================================================================
--- struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/PasswordHandler.java (original)
+++ struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/PasswordHandler.java Thu Mar 24 08:11:57 2011
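Review bot: Nothing at the changed `value` line records why the encoding opt-out was removed, and a hidden field's value is the textbook case of a request parameter echoed straight back into the page, so a later "convenience" change could reintroduce `false` without anyone noticing. I would annotate the new line: `// WW-3597: nameValue can originate from the request; keep the default HTML encoding here`. The attribute chain and the enclosing method continue outside the hunk.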
@@ -34,7 +34,7 @@ public class PasswordHandler extends Abs
 Boolean showPassword = (Boolean) params.get("showPassword");
 if (showPassword != null && showPassword)
- attrs.addIfExists("value", params.get("nameValue"), false);
+ attrs.addIfExists("value", params.get("nameValue"));
 attrs.addDefaultToEmpty("name", params.get("name"))
 .add("type", "password")
Modified: struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/RadioHandler.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/RadioHandler.java?rev=1084872&r1=1084871&r2=1084872&view=diff
==============================================================================
--- struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/RadioHandler.java (original)
+++ struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/RadioHandler.java Thu Mar 24 08:11:57 2011
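Review bot: The `if (showPassword != null && showPassword)` guard directly above the rewritten statement is unbraced; since the statement is being touched anyway, I would brace it so that a second statement added later cannot silently fall outside the condition: `if (showPassword != null && showPassword) { attrs.addIfExists("value", params.get("nameValue")); }`. Encoding the value stops attribute break-out, but it does not change that `showPassword` writes the submitted secret back into the HTML; a one-line comment on the guard noting that a missing or null `showPassword` disables the echo and that it should stay off in production would help the next reader. The enclosing method starts and ends outside the hunk.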
@@ -79,7 +79,7 @@ public class RadioHandler extends Abstra
 a.add("type", "radio")
 .addDefaultToEmpty("name", params.get("name"))
 .addIfTrue("checked", checked)
- .addIfExists("value", itemKeyStr, false)
+ .addIfExists("value", itemKeyStr)
 .addIfTrue("disabled", params.get("disabled"))
 .addIfExists("tabindex", params.get("tabindex"))
 .addIfExists("id", id);
Modified: struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/ResetHandler.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/ResetHandler.java?rev=1084872&r1=1084871&r2=1084872&view=diff
==============================================================================
--- struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/ResetHandler.java (original)
+++ struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/ResetHandler.java Thu Mar 24 08:11:57 2011
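Review bot: The changed line now encodes `itemKeyStr` for `value`, but `itemKeyStr` and `id` are both computed above the hunk and I cannot see whether `id` is derived from the same item key; if it is, that derivation is the next thing to check, because `id` passes through the default overload already but its input might be pre-formatted. A short comment at the changed line would record the intent: `// item keys come from the list model, which may be user-supplied; leave default encoding on (WW-3597)`. The enclosing loop and method start and end outside the hunk.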
@@ -37,7 +37,7 @@ public class ResetHandler extends Abstra
 attrs.addDefaultToEmpty("name", params.get("name"))
 .add("type", "reset")
- .addIfExists("value", params.get("nameValue"), false)
+ .addIfExists("value", params.get("nameValue"))
 .addIfExists("tabindex", params.get("tabindex"))
 .addIfExists("id", params.get("id"))
 .addIfExists("class", params.get("cssClass"))
Modified: struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SelectHandler.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SelectHandler.java?rev=1084872&r1=1084871&r2=1084872&view=diff
==============================================================================
--- struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SelectHandler.java (original)
+++ struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SelectHandler.java Thu Mar 24 08:11:57 2011
@@ -43,7 +43,7 @@ public class SelectHandler extends Abstr
 a.addDefaultToEmpty("name", params.get("name"))
 .addIfExists("size", params.get("size"))
- .addIfExists("value", value, false)
+ .addIfExists("value", value)
 .addIfTrue("disabled", params.get("disabled"))
 .addIfTrue("readonly", params.get("readonly"))
 .addIfTrue("multiple", params.get("multiple"))
Modified: struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SubmitHandler.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SubmitHandler.java?rev=1084872&r1=1084871&r2=1084872&view=diff
==============================================================================
--- struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SubmitHandler.java (original)
+++ struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/SubmitHandler.java Thu Mar 24 08:11:57 2011
@@ -38,7 +38,7 @@ public class SubmitHandler extends Abstr
 if ("button".equals(type)) {
 attrs.addIfExists("name", params.get("name"))
 .add("type", "submit")
- .addIfExists("value", params.get("nameValue"), false)
+ .addIfExists("value", params.get("nameValue"))
 .addIfTrue("disabled", params.get("disabled"))
 .addIfExists("tabindex", params.get("tabindex"))
 .addIfExists("id", params.get("id"))
@@ -47,7 +47,7 @@ public class SubmitHandler extends Abstr
 start("button", attrs);
 } else if ("image".equals(type)) {
- attrs.addIfExists("src", params.get("src"), false)
+ attrs.addIfExists("src", params.get("src"))
 .add("type", "image")
 .addIfExists("alt", params.get("label"))
 .addIfExists("id", params.get("id"))
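Review bot: The changed line emits a `value` attribute on the `<select>` element itself, and as far as I know HTML gives `<select>` no `value` attribute; the selection is expressed by `selected` on the individual options, so this attribute is inert for the browser whether or not it is encoded. If nothing (script or a downstream handler) reads it, I would drop the line rather than keep a dead sink; if something does, a comment such as `// value is read by <what>, not by the browser` would explain why it survives. `value` is computed above the hunk and the enclosing method continues outside it.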
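Review bot: At the changed `src` line in the `image` branch, entity-encoding closes the attribute-injection vector but does not validate the URL: if `params.get("src")` can be influenced by request data, a `javascript:` or attacker-hosted URL still reaches the browser intact apart from encoding, and the place to reject such values is where `src` is assigned, not the renderer. I would record that limit at the changed line: `// encoded by default (WW-3597); src must still be a trusted or validated URL — encoding does not check the scheme`. The `if`/`else if` chain and the enclosing method continue outside the hunk.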
@@ -57,7 +57,7 @@ public class SubmitHandler extends Abstr
 } else {
 attrs.addIfExists("name", params.get("name"))
 .add("type", "submit")
- .addIfExists("value", params.get("nameValue"), false)
+ .addIfExists("value", params.get("nameValue"))
 .addIfTrue("disabled", params.get("disabled"))
 .addIfExists("tabindex", params.get("tabindex"))
 .addIfExists("id", params.get("id"))
Modified: struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/TextFieldHandler.java
URL: http://svn.apache.org/viewvc/struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/TextFieldHandler.java?rev=1084872&r1=1084871&r2=1084872&view=diff
==============================================================================
--- struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/TextFieldHandler.java (original)
+++ struts/struts2/trunk/plugins/javatemplates/src/main/java/org/apache/struts2/views/java/simple/TextFieldHandler.java Thu Mar 24 08:11:57 2011
@@ -36,7 +36,7 @@ public class TextFieldHandler extends Ab
 .addDefaultToEmpty("name", params.get("name"))
 .addIfExists("size", params.get("size"))
 .addIfExists("maxlength", params.get("maxlength"))
- .addIfExists("value", params.get("nameValue"), false)
+ .addIfExists("value", params.get("nameValue"))
 .addIfTrue("disabled", params.get("disabled"))
 .addIfTrue("readonly", params.get("readonly"))
 .addIfExists("tabindex", params.get("tabindex"))
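Review bot: The same `addIfExists(..., false)` opt-out that is removed at the changed `value` line here may still exist in handlers of this package that are not in the changeset (textarea, checkbox, label and similar — I cannot see them from this diff), and each one left behind is the same reflected sink the commit is closing. Before resolving WW-3597 I would grep the plugin for three-argument `addIfExists` calls ending in `false` and either fix each or leave a comment at the call stating why encoding must be off there. A shared test that renders every simple-theme handler with a hostile `nameValue` would keep the whole set from regressing rather than just the eight files touched here. The enclosing method starts and ends outside the hunk.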