Author: markt
Date: Wed Jun 13 19:14:55 2007
New Revision: 547087

URL: http://svn.apache.org/viewvc?view=rev&rev=547087
Log:
Port fix for XSS issues in snoop.jsp. This is CVE-2007-2449.

Modified:
    
tomcat/container/branches/tc4.1.x/webapps/examples/jsp/security/protected/index.jsp
    tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.html
    tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.jsp
    tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.txt
    tomcat/container/branches/tc4.1.x/webapps/examples/jsp/source.jsp

Modified: 
tomcat/container/branches/tc4.1.x/webapps/examples/jsp/security/protected/index.jsp
URL: 
http://svn.apache.org/viewvc/tomcat/container/branches/tc4.1.x/webapps/examples/jsp/security/protected/index.jsp?view=diff&rev=547087&r1=547086&r2=547087
==============================================================================
--- 
tomcat/container/branches/tc4.1.x/webapps/examples/jsp/security/protected/index.jsp
 (original)
+++ 
tomcat/container/branches/tc4.1.x/webapps/examples/jsp/security/protected/index.jsp
 Wed Jun 13 19:14:55 2007
@@ -1,3 +1,19 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
 <%
   if (request.getParameter("logoff") != null) {
     session.invalidate();
@@ -11,14 +27,16 @@
 </head>
 <body bgcolor="white">
 
-You are logged in as remote user <b><%= request.getRemoteUser() %></b>
+You are logged in as remote user
+<b><%= util.HTMLFilter.filter(request.getRemoteUser()) %></b>
 in session <b><%= session.getId() %></b><br><br>
 
 <%
   if (request.getUserPrincipal() != null) {
 %>
     Your user principal name is
-    <b><%= request.getUserPrincipal().getName() %></b><br><br>
+    <b><%= util.HTMLFilter.filter(request.getUserPrincipal().getName()) %></b>
+    <br><br>
 <%
   } else {
 %>
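Review bot: `session.getId()` on the context line `in session <b><%= session.getId() %></b><br><br>` is the one dynamic value in this page that is still emitted without `util.HTMLFilter.filter`, while the two lines around it now escape `getRemoteUser()` and `getUserPrincipal().getName()`. The session id is container-generated, so the XSS exposure is much lower than for the user name, but leaving a single unescaped expression in a page that was just patched for CVE-2007-2449 invites the next maintainer to copy the pattern; for consistency wrap it as `in session <b><%= util.HTMLFilter.filter(session.getId()) %></b><br><br>`. It is worth confirming that `util.HTMLFilter.filter` tolerates a null argument, since `getRemoteUser()` is null for an unauthenticated request should this page ever be reached outside the protected area. The scriptlet `if/else` that opens at the end of the hunk closes outside it.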

Modified: tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.html
URL: 
http://svn.apache.org/viewvc/tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.html?view=diff&rev=547087&r1=547086&r2=547087
==============================================================================
--- tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.html 
(original)
+++ tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.html Wed 
Jun 13 19:14:55 2007
@@ -1,7 +1,19 @@
 <html>
 <!--
-  Copyright (c) 1999 The Apache Software Foundation.  All rights 
-  reserved.
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
 -->
 
 <head>
@@ -10,10 +22,10 @@
 </head>
 
 <body bgcolor="#FFFFFF">
-<p><font color="#0000FF"><a href="snoop.jsp"><img 
src="../../images/execute.gif" align="right" border="0"></a><a 
href="../index.html"><img src="../../images/return.gif" width="24" height="24" 
align="right" border="0"></a></font></p>
+<p><font color="#0000FF"><a href="snoop.jsp"><img src="../images/execute.gif" 
align="right" border="0"></a><a href="../index.html"><img 
src="../images/return.gif" width="24" height="24" align="right" 
border="0"></a></font></p>
 
-<h3><a href="snoop.txt">Source Code for Request Parameters Example<font 
color="#0000FF"></a>
-  </font> </h3>
+<h3><a href="snoop.jsp.html">Source Code for Request Parameters Example<font 
color="#0000FF">
+  </font></a></h3>
 
 </body>
 </html>
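Review bot: The "Source Code" link on the `+<h3><a href="snoop.jsp.html">` line now points at `snoop.jsp.html`, but this commit only lists `snoop.txt` as modified in the `snp` directory and adds no file, so unless `snoop.jsp.html` already exists on the tc4.1.x branch the link will 404 while the `snoop.txt` copy updated later in this commit becomes unreachable from the page. Either keep the link on `snoop.txt` (`<h3><a href="snoop.txt">Source Code for Request Parameters Example</a></h3>`) or confirm the `.jsp.html` file is present on this branch. The image path change from `../../images/` to `../images/` in the same hunk is not explained in the log message either; if the page really lives at `jsp/snp/`, `../images/` resolves to `jsp/images/`, so check that the directory matches. Moving the stray `<font>` inside the `<a>` so the tags nest properly is a good cleanup.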

Modified: tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.jsp
URL: 
http://svn.apache.org/viewvc/tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.jsp?view=diff&rev=547087&r1=547086&r2=547087
==============================================================================
--- tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.jsp 
(original)
+++ tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.jsp Wed 
Jun 13 19:14:55 2007
@@ -1,43 +1,56 @@
 <html>
 <!--
-  Copyright (c) 1999 The Apache Software Foundation.  All rights 
-  reserved.
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
 -->
 
 <body bgcolor="white">
 <h1> Request Information </h1>
 <font size="4">
-JSP Request Method: <% out.print(util.HTMLFilter.filter(request.getMethod())); 
%>
+JSP Request Method: <%= util.HTMLFilter.filter(request.getMethod()) %>
 <br>
-Request URI: <%= request.getRequestURI() %>
+Request URI: <%= util.HTMLFilter.filter(request.getRequestURI()) %>
 <br>
-Request Protocol: <%= request.getProtocol() %>
+Request Protocol: <%= util.HTMLFilter.filter(request.getProtocol()) %>
 <br>
-Servlet path: <%= request.getServletPath() %>
+Servlet path: <%= util.HTMLFilter.filter(request.getServletPath()) %>
 <br>
-Path info: <% out.print(util.HTMLFilter.filter(request.getPathInfo())); %>
+Path info: <%= util.HTMLFilter.filter(request.getPathInfo()) %>
 <br>
-Query string: <% out.print(util.HTMLFilter.filter(request.getQueryString())); 
%>
+Query string: <%= util.HTMLFilter.filter(request.getQueryString()) %>
 <br>
 Content length: <%= request.getContentLength() %>
 <br>
-Content type: <% out.print(util.HTMLFilter.filter(request.getContentType())); 
%>
+Content type: <%= util.HTMLFilter.filter(request.getContentType()) %>
 <br>
-Server name: <%= request.getServerName() %>
+Server name: <%= util.HTMLFilter.filter(request.getServerName()) %>
 <br>
 Server port: <%= request.getServerPort() %>
 <br>
-Remote user: <%= request.getRemoteUser() %>
+Remote user: <%= util.HTMLFilter.filter(request.getRemoteUser()) %>
 <br>
-Remote address: <%= request.getRemoteAddr() %>
+Remote address: <%= util.HTMLFilter.filter(request.getRemoteAddr()) %>
 <br>
-Remote host: <%= request.getRemoteHost() %>
+Remote host: <%= util.HTMLFilter.filter(request.getRemoteHost()) %>
 <br>
-Authorization scheme: <%= request.getAuthType() %> 
+Authorization scheme: <%= util.HTMLFilter.filter(request.getAuthType()) %> 
 <br>
 Locale: <%= request.getLocale() %>
 <hr>
-The browser you are using is <% 
out.print(util.HTMLFilter.filter(request.getHeader("User-Agent"))); %>
+The browser you are using is
+<%= util.HTMLFilter.filter(request.getHeader("User-Agent")) %>
 <hr>
 </font>
 </body>
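Review bot: `Locale: <%= request.getLocale() %>` on the context line near the end of the hunk is the only request-derived string value left unfiltered after this change; the locale is built by the container from the client's `Accept-Language` header, so whether it is safe to emit raw depends on how strictly Tomcat 4.1 parses that header, which is not visible here. For defense in depth and to match the rest of the page, change it to `Locale: <%= util.HTMLFilter.filter(request.getLocale().toString()) %>` (`getLocale()` never returns null, so the `toString()` is safe). The same unfiltered `Locale:` line is added to the `snoop.txt` copy in the next file section and should be updated in step so the displayed source matches the running example. `getContentLength()` and `getServerPort()` return ints and need no escaping.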

Modified: tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.txt
URL: 
http://svn.apache.org/viewvc/tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.txt?view=diff&rev=547087&r1=547086&r2=547087
==============================================================================
--- tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.txt 
(original)
+++ tomcat/container/branches/tc4.1.x/webapps/examples/jsp/snp/snoop.txt Wed 
Jun 13 19:14:55 2007
@@ -7,37 +7,38 @@
 <body bgcolor="white">
 <h1> Request Information </h1>
 <font size="4">
-JSP Request Method: <%= request.getMethod() %>
+JSP Request Method: <%= util.HTMLFilter.filter(request.getMethod()) %>
 <br>
-Request URI: <%= request.getRequestURI() %>
+Request URI: <%= util.HTMLFilter.filter(request.getRequestURI()) %>
 <br>
-Request Protocol: <%= request.getProtocol() %>
+Request Protocol: <%= util.HTMLFilter.filter(request.getProtocol()) %>
 <br>
-Servlet path: <%= request.getServletPath() %>
+Servlet path: <%= util.HTMLFilter.filter(request.getServletPath()) %>
 <br>
-Path info: <%= request.getPathInfo() %>
+Path info: <%= util.HTMLFilter.filter(request.getPathInfo()) %>
 <br>
-Path translated: <%= request.getPathTranslated() %>
-<br>
-Query string: <%= request.getQueryString() %>
+Query string: <%= util.HTMLFilter.filter(request.getQueryString()) %>
 <br>
 Content length: <%= request.getContentLength() %>
 <br>
-Content type: <%= request.getContentType() %>
+Content type: <%= util.HTMLFilter.filter(request.getContentType()) %>
 <br>
-Server name: <%= request.getServerName() %>
+Server name: <%= util.HTMLFilter.filter(request.getServerName()) %>
 <br>
 Server port: <%= request.getServerPort() %>
 <br>
-Remote user: <%= request.getRemoteUser() %>
+Remote user: <%= util.HTMLFilter.filter(request.getRemoteUser()) %>
+<br>
+Remote address: <%= util.HTMLFilter.filter(request.getRemoteAddr()) %>
 <br>
-Remote address: <%= request.getRemoteAddr() %>
+Remote host: <%= util.HTMLFilter.filter(request.getRemoteHost()) %>
 <br>
-Remote host: <%= request.getRemoteHost() %>
+Authorization scheme: <%= util.HTMLFilter.filter(request.getAuthType()) %> 
 <br>
-Authorization scheme: <%= request.getAuthType() %> 
+Locale: <%= request.getLocale() %>
 <hr>
-The browser you are using is <%= request.getHeader("User-Agent") %>
+The browser you are using is
+<%= util.HTMLFilter.filter(request.getHeader("User-Agent")) %>
 <hr>
 </font>
 </body>

Modified: tomcat/container/branches/tc4.1.x/webapps/examples/jsp/source.jsp
URL: 
http://svn.apache.org/viewvc/tomcat/container/branches/tc4.1.x/webapps/examples/jsp/source.jsp?view=diff&rev=547087&r1=547086&r2=547087
==============================================================================
--- tomcat/container/branches/tc4.1.x/webapps/examples/jsp/source.jsp (original)
+++ tomcat/container/branches/tc4.1.x/webapps/examples/jsp/source.jsp Wed Jun 
13 19:14:55 2007
@@ -1,4 +1,20 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
 <%@ taglib uri="http://jakarta.apache.org/tomcat/examples-taglib";
         prefix="eg" %>
 
-<eg:ShowSource jspFile="<%= request.getQueryString() %>"/>
+<eg:ShowSource jspFile="<%= util.HTMLFilter.filter(request.getQueryString()) 
%>"/>
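Review bot: On the added `<eg:ShowSource jspFile="<%= util.HTMLFilter.filter(request.getQueryString()) %>"/>` line the filtered query string is used as a file name, not as page text, and `util.HTMLFilter.filter` only encodes `<`, `>`, `&` and quotes for HTML output; it does not constrain which file the tag is asked to read, so a query string containing path separators or `..` reaches `ShowSource` unchanged. Whether the tag handler itself restricts `jspFile` to the examples directory is not visible in this diff and is the control that actually matters here; the escaping only protects any error output that echoes the value. Add a comment making that division of responsibility explicit, e.g. `<%-- HTMLFilter only HTML-encodes the value for output; ShowSource must restrict jspFile to files under the examples web app --%>`, and verify the tag handler's path check. Note that `getQueryString()` is null when no query string is sent, so `jspFile` may be null or the literal "null" depending on how the filter handles it; the tag should treat that case explicitly.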


