|
 |
8ccec3e |
Index: src/org/mortbay/http/HttpFields.java
|
|
|
8ccec3e |
===================================================================
|
|
|
8ccec3e |
RCS file: /cvsroot/jetty/Jetty/src/org/mortbay/http/HttpFields.java,v
|
|
|
8ccec3e |
retrieving revision 1.77
|
|
|
8ccec3e |
diff -r1.77 HttpFields.java
|
|
|
8ccec3e |
1461a1462
|
|
|
8ccec3e |
> value=StringUtil.noCRLF(value);
|
|
|
8ccec3e |
Index: src/org/mortbay/http/HttpResponse.java
|
|
|
8ccec3e |
===================================================================
|
|
|
8ccec3e |
RCS file: /cvsroot/jetty/Jetty/src/org/mortbay/http/HttpResponse.java,v
|
|
|
8ccec3e |
retrieving revision 1.62
|
|
|
8ccec3e |
diff -r1.62 HttpResponse.java
|
|
|
8ccec3e |
21a22
|
|
|
8ccec3e |
> import java.util.Date;
|
|
|
8ccec3e |
22a24
|
|
|
8ccec3e |
> import java.util.List;
|
|
|
8ccec3e |
462a465,519
|
|
|
8ccec3e |
> public void addDateField(String name, Date date)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.addDateField(sanitize(name),date);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public void addDateField(String name, long date)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.addDateField(sanitize(name),date);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public void addField(String name, String value) throws IllegalStateException
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.addField(sanitize(name),sanitize(value));
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public void addIntField(String name, int value)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.addIntField(sanitize(name),value);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public void setContentType(String contentType)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.setContentType(sanitize(contentType));
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public void setDateField(String name, Date date)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.setDateField(sanitize(name),date);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public void setDateField(String name, long date)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.setDateField(sanitize(name),date);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public void setField(String name, List value)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.setField(sanitize(name),value);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public String setField(String name, String value)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> return super.setField(sanitize(name),sanitize(value));
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> public void setIntField(String name, int value)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> super.setIntField(sanitize(name),value);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> private String sanitize(String s)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> return StringUtil.noCRLF(s);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
Index: src/org/mortbay/servlet/Dump.java
|
|
|
8ccec3e |
===================================================================
|
|
|
8ccec3e |
RCS file: /cvsroot/jetty/Jetty/src/org/mortbay/servlet/Dump.java,v
|
|
|
8ccec3e |
retrieving revision 1.42
|
|
|
8ccec3e |
diff -r1.42 Dump.java
|
|
|
8ccec3e |
46a47
|
|
|
8ccec3e |
> import org.mortbay.util.StringUtil;
|
|
|
8ccec3e |
169a171,173
|
|
|
8ccec3e |
> response.setHeader("Ok","value");
|
|
|
8ccec3e |
> response.setHeader("ztu\r\n\r\npid","val\r\n\r\nue");
|
|
|
8ccec3e |
> response.addCookie(new Cookie("Stu'pid","val\r\n\r\nue"));
|
|
|
8ccec3e |
177c181,198
|
|
|
8ccec3e |
< Table table= new Table(0).cellPadding(0).cellSpacing(0);
|
|
|
8ccec3e |
---
|
|
|
8ccec3e |
> Table table= new Table(0)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> public Table addCell(Object o)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> if (o!=null && o instanceof String)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> String s = (String)o;
|
|
|
8ccec3e |
> s=StringUtil.replace(s,"\r\n","
");
|
|
|
8ccec3e |
> s=StringUtil.replace(s,"\n","
");
|
|
|
8ccec3e |
> s=StringUtil.replace(s,"<","<");
|
|
|
8ccec3e |
> s=StringUtil.replace(s,">",">");
|
|
|
8ccec3e |
> o=s;
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
> return super.addCell(o);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
> };
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> table.cellPadding(0).cellSpacing(0);
|
|
|
8ccec3e |
360c381
|
|
|
8ccec3e |
< table.addCell("" + toString(request.getAttribute(name)) + " ");
|
|
|
8ccec3e |
---
|
|
|
8ccec3e |
> table.addCell(toString(request.getAttribute(name)));
|
|
|
8ccec3e |
378c399
|
|
|
8ccec3e |
< table.addCell("" + toString(getInitParameter(name)) + " ");
|
|
|
8ccec3e |
---
|
|
|
8ccec3e |
> table.addCell(toString(getInitParameter(name)));
|
|
|
8ccec3e |
395c416
|
|
|
8ccec3e |
< table.addCell("" + toString(getServletContext().getInitParameter(name)) + " ");
|
|
|
8ccec3e |
---
|
|
|
8ccec3e |
> table.addCell(toString(getServletContext().getInitParameter(name)));
|
|
|
8ccec3e |
412c433
|
|
|
8ccec3e |
< table.addCell("" + toString(getServletContext().getAttribute(name)) + " ");
|
|
|
8ccec3e |
---
|
|
|
8ccec3e |
> table.addCell(toString(getServletContext().getAttribute(name)));
|
|
|
8ccec3e |
435c456
|
|
|
8ccec3e |
< table.addCell("" + multi.getString(parts[p]) + " ");
|
|
|
8ccec3e |
---
|
|
|
8ccec3e |
> table.addCell(multi.getString(parts[p]));
|
|
|
8ccec3e |
Index: src/org/mortbay/util/StringUtil.java
|
|
|
8ccec3e |
===================================================================
|
|
|
8ccec3e |
RCS file: /cvsroot/jetty/Jetty/src/org/mortbay/util/StringUtil.java,v
|
|
|
8ccec3e |
retrieving revision 1.16
|
|
|
8ccec3e |
diff -r1.16 StringUtil.java
|
|
|
8ccec3e |
286a287,292
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> /* ------------------------------------------------------------ */
|
|
|
8ccec3e |
> public static String noCRLF(String s)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> if (s==null || s.length()==0)
|
|
|
8ccec3e |
> return s;
|
|
|
8ccec3e |
287a294,334
|
|
|
8ccec3e |
> StringBuffer buf = null;
|
|
|
8ccec3e |
> int i=0;
|
|
|
8ccec3e |
> loop:
|
|
|
8ccec3e |
> for (;i
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> char c = s.charAt(i);
|
|
|
8ccec3e |
> switch(c)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> case 0:
|
|
|
8ccec3e |
> case '\n':
|
|
|
8ccec3e |
> case '\r':
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> buf=new StringBuffer(s.length());
|
|
|
8ccec3e |
> buf.append(s,0,i);
|
|
|
8ccec3e |
> buf.append('.');
|
|
|
8ccec3e |
> break loop;
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
> default:
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> if (buf==null)
|
|
|
8ccec3e |
> return s;
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> for (;i
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> char c = s.charAt(i);
|
|
|
8ccec3e |
> switch(c)
|
|
|
8ccec3e |
> {
|
|
|
8ccec3e |
> case 0:
|
|
|
8ccec3e |
> case '\n':
|
|
|
8ccec3e |
> case '\r':
|
|
|
8ccec3e |
> buf.append('.');
|
|
|
8ccec3e |
> break;
|
|
|
8ccec3e |
> default:
|
|
|
8ccec3e |
> buf.append(c);
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
> }
|
|
|
8ccec3e |
>
|
|
|
8ccec3e |
> return buf.toString();
|
|
|
8ccec3e |
> }
|