I2P_Developers/i2p.i2p-bote
3
0
Fork 0
Code Issues 4 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Tweak error message to avoid XSS filter (ticket #1815)

Browse Source
This commit is contained in:
str4d
2016-11-27 04:04:06 +00:00
parent b4b52dffa0
commit 3052824d1b
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
history.txt
View File

@ -3,6 +3,7 @@ I2P-Bote Version History
0.4.4
* Added CSRF guards to all forms (thanks Beardog for raising the issue!)
* Tweak error message to avoid XSS filter (ticket #1815)
* Improve identities list usability (thanks Jonathan!)
0.4.3 (Released on Jan 28, 2016)

2
src/main/java/i2p/bote/email/EmailIdentity.java
View File

@ -72,7 +72,7 @@ public class EmailIdentity extends EmailDestination {
if ("".equals(vanityPrefix))
vanityPrefix = null;
if (vanityPrefix!=null && !cryptoImpl.getBase64InitialCharacters().contains(vanityPrefix.substring(0, 1))) {
String errorMsg = "This encryption type does not support destinations that start with a \"{0}\". Valid initial characters are {1}.";
String errorMsg = "This encryption type does not support destinations that start with {0}. Valid initial characters are {1}.";
throw new IllegalDestinationParametersException(_t(errorMsg, vanityPrefix.charAt(0), cryptoImpl.getBase64InitialCharacters()));
}