click-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r1495871 - in /click/trunk/site/docs: click-api/index.html extras-api/index.html mock-api/index.html
Date Sun, 23 Jun 2013 18:45:36 GMT
Author: markt
Date: Sun Jun 23 18:45:35 2013
New Revision: 1495871

URL: http://svn.apache.org/r1495871
Log:
Fix published Javadoc affected by CVE-2013-1571.
This commit has been performed by the ASF Infrastructure team.

Please ensure that your build processes are reviewed (and fixed if
necessary) to ensure that any updates to this Javadoc do not
re-introduce the vulnerability.

Modified:
    click/trunk/site/docs/click-api/index.html
    click/trunk/site/docs/extras-api/index.html
    click/trunk/site/docs/mock-api/index.html

Modified: click/trunk/site/docs/click-api/index.html
URL: http://svn.apache.org/viewvc/click/trunk/site/docs/click-api/index.html?rev=1495871&r1=1495870&r2=1495871&view=diff
==============================================================================
--- click/trunk/site/docs/click-api/index.html (original)
+++ click/trunk/site/docs/click-api/index.html Sun Jun 23 18:45:35 2013
@@ -13,6 +13,42 @@ Click Framework API - v2.3.0
         targetPage = targetPage.substring(1);
     if (targetPage.indexOf(":") != -1)
         targetPage = "undefined";
+    if (targetPage != "" && !validURL(targetPage))
+        targetPage = "undefined";
+    function validURL(url) {
+        var pos = url.indexOf(".html");
+        if (pos == -1 || pos != url.length - 5)
+            return false;
+        var allowNumber = false;
+        var allowSep = false;
+        var seenDot = false;
+        for (var i = 0; i < url.length - 5; i++) {
+            var ch = url.charAt(i);
+            if ('a' <= ch && ch <= 'z' ||
+                    'A' <= ch && ch <= 'Z' ||
+                    ch == '$' ||
+                    ch == '_') {
+                allowNumber = true;
+                allowSep = true;
+            } else if ('0' <= ch && ch <= '9'
+                    || ch == '-') {
+                if (!allowNumber)
+                     return false;
+            } else if (ch == '/' || ch == '.') {
+                if (!allowSep)
+                    return false;
+                allowNumber = false;
+                allowSep = false;
+                if (ch == '.')
+                     seenDot = true;
+                if (ch == '/' && seenDot)
+                     return false;
+            } else {
+                return false;
+            }
+        }
+        return true;
+    }
     function loadFrames() {
         if (targetPage != "" && targetPage != "undefined")
              top.classFrame.location = top.targetPage;

Modified: click/trunk/site/docs/extras-api/index.html
URL: http://svn.apache.org/viewvc/click/trunk/site/docs/extras-api/index.html?rev=1495871&r1=1495870&r2=1495871&view=diff
==============================================================================
--- click/trunk/site/docs/extras-api/index.html (original)
+++ click/trunk/site/docs/extras-api/index.html Sun Jun 23 18:45:35 2013
@@ -13,6 +13,42 @@ Click Extras API - v2.3.0
         targetPage = targetPage.substring(1);
     if (targetPage.indexOf(":") != -1)
         targetPage = "undefined";
+    if (targetPage != "" && !validURL(targetPage))
+        targetPage = "undefined";
+    function validURL(url) {
+        var pos = url.indexOf(".html");
+        if (pos == -1 || pos != url.length - 5)
+            return false;
+        var allowNumber = false;
+        var allowSep = false;
+        var seenDot = false;
+        for (var i = 0; i < url.length - 5; i++) {
+            var ch = url.charAt(i);
+            if ('a' <= ch && ch <= 'z' ||
+                    'A' <= ch && ch <= 'Z' ||
+                    ch == '$' ||
+                    ch == '_') {
+                allowNumber = true;
+                allowSep = true;
+            } else if ('0' <= ch && ch <= '9'
+                    || ch == '-') {
+                if (!allowNumber)
+                     return false;
+            } else if (ch == '/' || ch == '.') {
+                if (!allowSep)
+                    return false;
+                allowNumber = false;
+                allowSep = false;
+                if (ch == '.')
+                     seenDot = true;
+                if (ch == '/' && seenDot)
+                     return false;
+            } else {
+                return false;
+            }
+        }
+        return true;
+    }
     function loadFrames() {
         if (targetPage != "" && targetPage != "undefined")
              top.classFrame.location = top.targetPage;

Modified: click/trunk/site/docs/mock-api/index.html
URL: http://svn.apache.org/viewvc/click/trunk/site/docs/mock-api/index.html?rev=1495871&r1=1495870&r2=1495871&view=diff
==============================================================================
--- click/trunk/site/docs/mock-api/index.html (original)
+++ click/trunk/site/docs/mock-api/index.html Sun Jun 23 18:45:35 2013
@@ -13,6 +13,42 @@ Click Mock API - v2.3.0
         targetPage = targetPage.substring(1);
     if (targetPage.indexOf(":") != -1)
         targetPage = "undefined";
+    if (targetPage != "" && !validURL(targetPage))
+        targetPage = "undefined";
+    function validURL(url) {
+        var pos = url.indexOf(".html");
+        if (pos == -1 || pos != url.length - 5)
+            return false;
+        var allowNumber = false;
+        var allowSep = false;
+        var seenDot = false;
+        for (var i = 0; i < url.length - 5; i++) {
+            var ch = url.charAt(i);
+            if ('a' <= ch && ch <= 'z' ||
+                    'A' <= ch && ch <= 'Z' ||
+                    ch == '$' ||
+                    ch == '_') {
+                allowNumber = true;
+                allowSep = true;
+            } else if ('0' <= ch && ch <= '9'
+                    || ch == '-') {
+                if (!allowNumber)
+                     return false;
+            } else if (ch == '/' || ch == '.') {
+                if (!allowSep)
+                    return false;
+                allowNumber = false;
+                allowSep = false;
+                if (ch == '.')
+                     seenDot = true;
+                if (ch == '/' && seenDot)
+                     return false;
+            } else {
+                return false;
+            }
+        }
+        return true;
+    }
     function loadFrames() {
         if (targetPage != "" && targetPage != "undefined")
              top.classFrame.location = top.targetPage;



Mime
View raw message