[freenet-cvs] r16303 - in trunk/apps/Echo/src/plugins/echo: . editor
nextgens at freenetproject.org
nextgens at freenetproject.org
Wed Dec 5 10:20:58 UTC 2007
Author: nextgens
Date: 2007-12-05 10:20:58 +0000 (Wed, 05 Dec 2007)
New Revision: 16303
Modified:
trunk/apps/Echo/src/plugins/echo/Echo.java
trunk/apps/Echo/src/plugins/echo/editor/BlocksPage.java
trunk/apps/Echo/src/plugins/echo/editor/CategoriesPage.java
trunk/apps/Echo/src/plugins/echo/editor/GeneratePage.java
trunk/apps/Echo/src/plugins/echo/editor/InsertPage.java
trunk/apps/Echo/src/plugins/echo/editor/NodePage.java
trunk/apps/Echo/src/plugins/echo/editor/NodesPage.java
trunk/apps/Echo/src/plugins/echo/editor/Page.java
trunk/apps/Echo/src/plugins/echo/editor/StaticPage.java
Log:
Echo: reinstate the insecure behaviour... so that it works.
Put a REDFLAG comment where needed
Modified: trunk/apps/Echo/src/plugins/echo/Echo.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/Echo.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/Echo.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -145,13 +145,8 @@
}
- try {
- welcomePage.handleHTTPRequest(request);
- return transform.transform(new Document(welcomePage.toXML())).get(0).toXML();
- } catch (Exception e) {
- e.printStackTrace();
- return e.toString();
- }
+ return handleRequest(request, false);
+
// String passwd = request.getParam("formPassword");
// if((passwd == null) || !passwd.equals(respirator.getNode().clientCore.formPassword))
// throw new AccessDeniedPluginHTTPException("The formPassword hasn't been set!", BASE_URL);
@@ -164,6 +159,10 @@
}
public String handleHTTPPost(HTTPRequest request) throws PluginHTTPException {
+ return handleRequest(request, true);
+ }
+
+ private String handleRequest(HTTPRequest request, boolean isPost) {
try {
String fileName = (new File(request.getPath())).getName();
Page p;
@@ -173,7 +172,7 @@
else
p = StaticPage.createFromContentFile("404 error", "http404error.xml");
- p.handleHTTPRequest(request);
+ p.handleHTTPRequest(request, isPost);
/*
Nice but input white space are not respected
@@ -187,7 +186,6 @@
*/
return transform.transform(new Document(p.toXML())).get(0).toXML();
-
} catch (Exception e) {
e.printStackTrace();
return e.toString();
Modified: trunk/apps/Echo/src/plugins/echo/editor/BlocksPage.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/editor/BlocksPage.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/editor/BlocksPage.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -22,7 +22,7 @@
this.formPsw = formPassword;
}
- public void handleHTTPRequest(HTTPRequest request) {
+ public void handleHTTPRequest(HTTPRequest request, boolean isPost) {
clear();
Modified: trunk/apps/Echo/src/plugins/echo/editor/CategoriesPage.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/editor/CategoriesPage.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/editor/CategoriesPage.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -25,7 +25,7 @@
}
- public void handleHTTPRequest(HTTPRequest request) {
+ public void handleHTTPRequest(HTTPRequest request, boolean isPost) {
clear();
Modified: trunk/apps/Echo/src/plugins/echo/editor/GeneratePage.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/editor/GeneratePage.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/editor/GeneratePage.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -19,7 +19,7 @@
}
- public void handleHTTPRequest(HTTPRequest request) {
+ public void handleHTTPRequest(HTTPRequest request, boolean isPost) {
clear();
project = projectManager.getCurrentProject();
Modified: trunk/apps/Echo/src/plugins/echo/editor/InsertPage.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/editor/InsertPage.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/editor/InsertPage.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -34,7 +34,7 @@
this.fcpServer = server;
}
- public void handleHTTPRequest(HTTPRequest request) {
+ public void handleHTTPRequest(HTTPRequest request, boolean isPost) {
clear();
project = projectManager.getCurrentProject();
Modified: trunk/apps/Echo/src/plugins/echo/editor/NodePage.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/editor/NodePage.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/editor/NodePage.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -29,7 +29,7 @@
}
- public void handleHTTPRequest(HTTPRequest request) {
+ public void handleHTTPRequest(HTTPRequest request, boolean isPost) {
clear();
Node node = null;
Modified: trunk/apps/Echo/src/plugins/echo/editor/NodesPage.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/editor/NodesPage.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/editor/NodesPage.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -21,7 +21,7 @@
}
- public void handleHTTPRequest(HTTPRequest req) {
+ public void handleHTTPRequest(HTTPRequest req, boolean isPost) {
clear();
Modified: trunk/apps/Echo/src/plugins/echo/editor/Page.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/editor/Page.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/editor/Page.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -38,7 +38,8 @@
}
- public abstract void handleHTTPRequest(HTTPRequest request);
+ // REDFLAG: ensure that only safe operations are allowed if !isPost
+ public abstract void handleHTTPRequest(HTTPRequest request, boolean isPost);
/**
* Appends XML content to this page
Modified: trunk/apps/Echo/src/plugins/echo/editor/StaticPage.java
===================================================================
--- trunk/apps/Echo/src/plugins/echo/editor/StaticPage.java 2007-12-05 10:08:47 UTC (rev 16302)
+++ trunk/apps/Echo/src/plugins/echo/editor/StaticPage.java 2007-12-05 10:20:58 UTC (rev 16303)
@@ -44,7 +44,6 @@
}
- public void handleHTTPRequest(HTTPRequest request) { }
-
+ public void handleHTTPRequest(HTTPRequest request, boolean isPost) {}
}
More information about the cvs
mailing list