[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Mldonkey-users] [PATCH] HTTP: fix XSS in error handler (#32929)
From: |
ygrek |
Subject: |
[Mldonkey-users] [PATCH] HTTP: fix XSS in error handler (#32929) |
Date: |
Sun, 27 Mar 2011 23:53:16 +0300 |
diff --git src/utils/net/http_server.ml src/utils/net/http_server.ml
index 0642431..3190e73 100644
--- src/utils/net/http_server.ml
+++ src/utils/net/http_server.ml
@@ -240,8 +240,8 @@ let error_page code from_ip from_port my_ip my_port reason =
| Some Blocked -> Printf.sprintf "IP %s is blocked, its part
of the used IP blocklist " from_ip
| _ -> "")
| "404" -> "Not found", Printf.sprintf "The requested URL %swas not found
on this server."
- (match reason with Some (Url_not_found url) ->
url ^ " " | _ -> "")
- | _ -> Printf.sprintf "Unknown error %s" code, ""
+ (match reason with Some (Url_not_found url) ->
html_escaped url ^ " " | _ -> "")
+ | _ -> Printf.sprintf "Unknown error %s" (html_escaped code), ""
in
let reject_message = Printf.sprintf
"<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n<html>
--
1.7.2.5
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Mldonkey-users] [PATCH] HTTP: fix XSS in error handler (#32929),
ygrek <=