tomcat-dev mailing list archives

From Mark Thomas <ma...@apache.org>
Subject Re: svn commit: r1825713 - in /tomcat/trunk: java/org/apache/catalina/manager/JMXProxyServlet.java webapps/docs/changelog.xml
Date Fri, 02 Mar 2018 17:47:29 GMT
On 02/03/18 17:05, Mark Thomas wrote:
> On 02/03/18 15:33, Konstantin Kolinko wrote:
>> 2018-03-02 14:51 GMT+03:00  <markt@apache.org>:
>>> Author: markt
>>> Date: Fri Mar  2 11:51:19 2018
>>> New Revision: 1825713
>>>
>>> URL: http://svn.apache.org/viewvc?rev=1825713&view=rev
>>> Log:
>>> Work-around a known, non-specification compliant behaviour in some versions of
>>> IE that can allow XSS when using the JMX proxy feature of the Manager application.
>>> Based on a suggestion from Muthukumar Marikani.
>>
>> It may be worth adding the same to ManagerServlet, HostManagerServlet
>> that use text/plain as well.
> 
> I'm not sure. I'll take a closer look but the first one I looked at was
> HTML escaped because it is used by both Manager and HTMLManager.

It didn't take me long to find a route to an unescaped value. I'll
expand this work-around to cover all the Manager and Host Manager
servlets that return text/plain.

Mark
