[Mldonkey-commits] mldonkey distrib/ChangeLog src/utils/net/http

mldonkey-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Mldonkey-commits] mldonkey distrib/ChangeLog src/utils/net/http_s...

From:	mldonkey-commits
Subject:	[Mldonkey-commits] mldonkey distrib/ChangeLog src/utils/net/http_s...
Date:	Mon, 28 Mar 2011 18:19:22 +0000

CVSROOT:        /sources/mldonkey
Module name:    mldonkey
Changes by:     spiralvoice <spiralvoice>       11/03/28 18:19:22

Modified files:
        distrib        : ChangeLog 
        src/utils/net  : http_server.ml 

Log message:
        patch #7517

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/mldonkey/distrib/ChangeLog?cvsroot=mldonkey&r1=1.1526&r2=1.1527
http://cvs.savannah.gnu.org/viewcvs/mldonkey/src/utils/net/http_server.ml?cvsroot=mldonkey&r1=1.40&r2=1.41

Patches:
Index: distrib/ChangeLog
===================================================================
RCS file: /sources/mldonkey/mldonkey/distrib/ChangeLog,v
retrieving revision 1.1526
retrieving revision 1.1527
diff -u -b -r1.1526 -r1.1527
--- distrib/ChangeLog   28 Mar 2011 18:17:24 -0000      1.1526
+++ distrib/ChangeLog   28 Mar 2011 18:19:22 -0000      1.1527
@@ -15,6 +15,7 @@
 =========
 
 2011/03/28
+7517: http: fix XSS in error handler (ygrek)
 7495: Fix compilation of Ocaml 3.11.* with recent binutils (ecc, glondu)
 
 2011/03/20

Index: src/utils/net/http_server.ml
===================================================================
RCS file: /sources/mldonkey/mldonkey/src/utils/net/http_server.ml,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -b -r1.40 -r1.41
--- src/utils/net/http_server.ml        11 Apr 2010 10:45:25 -0000      1.40
+++ src/utils/net/http_server.ml        28 Mar 2011 18:19:22 -0000      1.41
@@ -240,8 +240,8 @@
                 | Some Blocked -> Printf.sprintf "IP %s is blocked, its part 
of the used IP blocklist " from_ip
                 | _ -> "")
     | "404" -> "Not found", Printf.sprintf "The requested URL %swas not found 
on this server."
-                             (match reason with Some (Url_not_found url) -> 
url ^ " " | _ -> "")
-    | _ -> Printf.sprintf "Unknown error %s" code, ""
+                             (match reason with Some (Url_not_found url) -> 
html_escaped url ^ " " | _ -> "")
+    | _ -> Printf.sprintf "Unknown error %s" (html_escaped code), ""
   in
   let reject_message = Printf.sprintf
 "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n<html>

[Prev in Thread]

Current Thread

[Next in Thread]

[Mldonkey-commits] mldonkey distrib/ChangeLog src/utils/net/http_s..., mldonkey-commits <=

Prev by Date: [Mldonkey-commits] mldonkey distrib/ChangeLog patches/ocaml-3.11.0...
Next by Date: [Mldonkey-commits] mldonkey config/configure.in distrib/ChangeLog
Previous by thread: [Mldonkey-commits] mldonkey distrib/ChangeLog patches/ocaml-3.11.0...
Next by thread: [Mldonkey-commits] mldonkey config/configure.in distrib/ChangeLog
Index(es):
- Date
- Thread