litvinovg/vivo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix XSS vulnerability

Browse source
This commit is contained in:
kongchinhua 2012-07-11 00:58:46 +00:00
parent 6c062d7683
commit 1336709d4f
1 changed files with 4 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/edu/cornell/mannlib/vitro/webapp/controller/visualization/ShortURLVisualizationController.java
View file

@ -11,6 +11,7 @@ import javax.servlet.ServletContext;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.apache.commons.lang.StringEscapeUtils;
import com.hp.hpl.jena.query.Dataset; import com.hp.hpl.jena.query.Dataset;
import com.hp.hpl.jena.query.Syntax; import com.hp.hpl.jena.query.Syntax;
@ -167,6 +168,7 @@ public class ShortURLVisualizationController extends FreemarkerHttpServlet {
+ matchedPatternGroups.get(1); + matchedPatternGroups.get(1);
} }
subjectURI = StringEscapeUtils.escapeHtml(subjectURI);
parameters.put(VisualizationFrameworkConstants.INDIVIDUAL_URI_KEY, subjectURI); parameters.put(VisualizationFrameworkConstants.INDIVIDUAL_URI_KEY, subjectURI);
if (VisualizationFrameworkConstants.COAUTHORSHIP_VIS_SHORT_URL if (VisualizationFrameworkConstants.COAUTHORSHIP_VIS_SHORT_URL
@ -240,8 +242,8 @@ public class ShortURLVisualizationController extends FreemarkerHttpServlet {
private List<String> extractShortURLParameters(VitroRequest vitroRequest) { private List<String> extractShortURLParameters(VitroRequest vitroRequest) {
List<String> matchedGroups = new ArrayList<String>(); List<String> matchedGroups = new ArrayList<String>();
String subURIString = vitroRequest.getRequestURI().substring(vitroRequest.getContextPath().length()+1);
String[] urlParams = vitroRequest.getRequestURI().substring(vitroRequest.getContextPath().length()+1).split("/"); String[] urlParams = StringEscapeUtils.escapeHtml(subURIString).split("/");
if (urlParams.length > 1 if (urlParams.length > 1
&& urlParams[0].equalsIgnoreCase("vis")) { && urlParams[0].equalsIgnoreCase("vis")) {