[jboss-cvs] JBossAS SVN: r91882 - branches/JBPAPP_5_0/varia/src/resources/jmx/html.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Jul 31 12:21:59 EDT 2009
Author: fjuma
Date: 2009-07-31 12:21:59 -0400 (Fri, 31 Jul 2009)
New Revision: 91882
Modified:
branches/JBPAPP_5_0/varia/src/resources/jmx/html/displayMBeans.jsp
Log:
JBPAPP-2295: Made sure that the "filter" parameter in the JMX Console is sanitized before being displayed to the user.
Modified: branches/JBPAPP_5_0/varia/src/resources/jmx/html/displayMBeans.jsp
===================================================================
--- branches/JBPAPP_5_0/varia/src/resources/jmx/html/displayMBeans.jsp 2009-07-31 16:17:52 UTC (rev 91881)
+++ branches/JBPAPP_5_0/varia/src/resources/jmx/html/displayMBeans.jsp 2009-07-31 16:21:59 UTC (rev 91882)
@@ -59,7 +59,7 @@
<td height="105" align="center" width="300" nowrap>
<form action="HtmlAdaptor?action=displayMBeans" method="post" name="applyFilter" id="applyFilter">
ObjectName Filter (e.g.: "jboss:*", "*:service=invoker,*"):<br/>
- <input type="text" name="filter" size="20" value="<%= request.getAttribute("filter")%>" />
+ <input type="text" name="filter" size="20" value="<%= translateMetaCharacters(request.getAttribute("filter"))%>" />
<input type="submit" name="apply" value="Apply Filter" />
<input type="button" onClick="javascript:location='HtmlAdaptor?filter='" value="Clear Filter" />
<%
More information about the jboss-cvs-commits
mailing list