* Console:

- Fix several XSS issues (thx Aaron Portnoy of Exodus Intel) - Add Content-Security-Policy and X-XSS-Protection headers - Disable changing news feed URL from UI - Disable plugin install from UI - Disable setting unsigned update URL from UI - Disable /configadvanced * DataHelper: Disallow \r in storeProps() (thx joernchen of Phenoelit) * ExecNamingService: Disable (thx joernchen of Phenoelit) * Startup: Add susimail.config to migrated files
2014-07-26 09:32:26 +00:00
parent e9c8748c0b
commit af575d6c95
32 changed files with 124 additions and 61 deletions
--- a/apps/routerconsole/jsp/configadvanced.jsp
+++ b/apps/routerconsole/jsp/configadvanced.jsp
@@ -24,13 +24,19 @@
 <%@include file="formhandler.jsi" %>
 <div class="configure">
 <div class="wideload">
+<!--
 <form action="" method="POST">
 <input type="hidden" name="nonce" value="<%=pageNonce%>" >
 <input type="hidden" name="action" value="blah" >
+-->
 <h3><%=intl._("Advanced I2P Configuration")%></h3>
- <textarea rows="32" cols="60" name="config" wrap="off" spellcheck="false"><jsp:getProperty name="advancedhelper" property="settings" /></textarea><br><hr>
+ <textarea rows="32" cols="60" name="config" wrap="off" spellcheck="false" readonly="readonly"><jsp:getProperty name="advancedhelper" property="settings" /></textarea><br><hr>
+<!--
      <div class="formaction">
        <input type="reset" class="cancel" value="<%=intl._("Cancel")%>" >
        <input type="submit" name="shouldsave" class="accept" value="<%=intl._("Save changes")%>" >
 <br><b><%=intl._("NOTE")%>:</b> <%=intl._("Some changes may require a restart to take effect.")%>
- </div></form></div></div></div></body></html>
+ </div></form>
+-->
+To make changes, edit the router.config file.
+</div></div></div></body></html>