activemq-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dej...@apache.org
Subject svn commit: r1459265 - in /activemq/trunk: activemq-client/src/main/java/org/apache/activemq/broker/scheduler/CronParser.java activemq-web-console/src/main/webapp/scheduled.jsp
Date Thu, 21 Mar 2013 12:34:01 GMT
Author: dejanb
Date: Thu Mar 21 12:34:01 2013
New Revision: 1459265

URL: http://svn.apache.org/r1459265
Log:
https://issues.apache.org/jira/browse/AMQ-4397 - xss in cron expressions

Modified:
    activemq/trunk/activemq-client/src/main/java/org/apache/activemq/broker/scheduler/CronParser.java
    activemq/trunk/activemq-web-console/src/main/webapp/scheduled.jsp

Modified: activemq/trunk/activemq-client/src/main/java/org/apache/activemq/broker/scheduler/CronParser.java
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-client/src/main/java/org/apache/activemq/broker/scheduler/CronParser.java?rev=1459265&r1=1459264&r2=1459265&view=diff
==============================================================================
--- activemq/trunk/activemq-client/src/main/java/org/apache/activemq/broker/scheduler/CronParser.java
(original)
+++ activemq/trunk/activemq-client/src/main/java/org/apache/activemq/broker/scheduler/CronParser.java
Thu Mar 21 12:34:01 2013
@@ -42,7 +42,7 @@ public class CronParser {
 
         // Handle the once per minute case "* * * * *"
         // starting the next event at the top of the minute.
-        if (cronEntry.startsWith("* * * * *")) {
+        if (cronEntry.equals("* * * * *")) {
             result = currentTime + 60 * 1000;
             result = result / 1000 * 1000;
             return result;

Modified: activemq/trunk/activemq-web-console/src/main/webapp/scheduled.jsp
URL: http://svn.apache.org/viewvc/activemq/trunk/activemq-web-console/src/main/webapp/scheduled.jsp?rev=1459265&r1=1459264&r2=1459265&view=diff
==============================================================================
--- activemq/trunk/activemq-web-console/src/main/webapp/scheduled.jsp (original)
+++ activemq/trunk/activemq-web-console/src/main/webapp/scheduled.jsp Thu Mar 21 12:34:01
2013
@@ -40,13 +40,13 @@
 		<c:forEach items="${requestContext.brokerQuery.scheduledJobs}"
 		var="row">
 		<tr>
-		 <td>${row.jobId}</td>
-		 <td>${row.cronEntry}</td>
-		 <td>${row.nextExecutionTime}</td>
-		 <td>${row.start}</td>
-		 <td>${row.delay}</td>
-	 	 <td>${row.period}</td>
-	     <td>${row.repeat}</td>
+		 <td><c:out value="${row.jobId}"/></td>
+		 <td><c:out value="${row.cronEntry}"/></td>
+		 <td><c:out value="${row.nextExecutionTime}"/></td>
+		 <td><c:out value="${row.start}"/></td>
+		 <td><c:out value="${row.delay}"/></td>
+	 	 <td><c:out value="${row.period}"/></td>
+	     <td><c:out value="${row.repeat}"/></td>
 		<td>
 		    <a href="deleteJob.action?jobId=${row.jobId}&secret=<c:out value='${sessionScope["secret"]}'/>">Delete</a>
 		</td>



Mime
View raw message