[jbossweb-commits] JBossWeb SVN: r200 - trunk/java/org/apache/catalina/manager/host.

Wednesday, 18 July 2007

Author: remy.maucherat(a)jboss.com
Date: 2007-07-18 22:59:37 -0400 (Wed, 18 Jul 2007)
New Revision: 200

Modified:
   trunk/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java
Log:
- Cleanup and XSS.

Modified: trunk/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java
===================================================================

--- trunk/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java	2007-07-19
01:02:55 UTC (rev 199)
+++ trunk/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java	2007-07-19
02:59:37 UTC (rev 200)
@@ -54,7 +54,7 @@
 * @author Malcolm Edgar
 * @author Glenn L. Nielsen
 * @author Peter Rossbach
-* @version $Revision: 467222 $, $Date: 2006-10-24 05:17:11 +0200 (mar., 24 oct. 2006) $
+* @version $Revision: 557454 $, $Date: 2007-07-19 04:19:10 +0200 (jeu., 19 juil. 2007) $
 * @see ManagerServlet
 */
 
@@ -234,7 +234,8 @@
         for (int i = 0; i < children.length; i++)
             hostNames[i] = children[i].getName();
 
-        TreeMap sortedHostNamesMap = new TreeMap();
+        TreeMap<String,String> sortedHostNamesMap =
+            new TreeMap<String,String>();
 
         for (int i = 0; i < hostNames.length; i++) {
             String displayPath = hostNames[i];
@@ -245,15 +246,16 @@
         String hostsStop = sm.getString("htmlHostManagerServlet.hostsStop");
         String hostsRemove =
sm.getString("htmlHostManagerServlet.hostsRemove");
 
-        Iterator iterator = sortedHostNamesMap.entrySet().iterator();
+        Iterator<Map.Entry<String,String>> iterator =
+            sortedHostNamesMap.entrySet().iterator();
         while (iterator.hasNext()) {
-            Map.Entry entry = (Map.Entry) iterator.next();
+            Map.Entry<String,String> entry = iterator.next();
             String hostName = (String) entry.getKey();
             Host host = (Host) engine.findChild(hostName);
 
             if (host != null ) {
                 args = new Object[2];
-                args[0] = hostName;
+                args[0] = RequestUtil.filter(hostName);
                 String[] aliases = host.findAliases();
                 StringBuffer buf = new StringBuffer();
                 if (aliases.length > 0) {
@@ -265,9 +267,11 @@
 
                 if (buf.length() == 0) {
                     buf.append("&nbsp;");
+                    args[1] = buf.toString();
+                } else {
+                    args[1] = RequestUtil.filter(buf.toString());
                 }
 
-                args[1] = buf.toString();
                 writer.print
                     (MessageFormat.format(HOSTS_ROW_DETAILS_SECTION, args));
 


    

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

[jbossweb-commits] JBossWeb SVN: r200 - trunk/java/org/apache/catalina/manager/host.