marek/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* Console:

Browse Source 
- Fix update buttons
   - Don't filter parameter names starting with "nofilter_"
   - Re-allow configadvanced, news URL, and unsigned update URL if routerconsole.advanced=true
   - Re-allow plugin install if routerconsole.advanced=true or routerconsole.enablePluginInstall=true
   - Only allow whitelisted plugin signers, unless routerconsole.allowUntrustedPlugins=true
   - Re-allow clients.config changes if routerconsole.advanced=true or routerconsole.enableClientChange=true
   - More escaping
 * i2psnark: Fix add torrent form
This commit is contained in:
zzz
2014-08-03 13:58:51 +00:00
parent bf9c4b2346
commit b28eb708a4
26 changed files with 289 additions and 131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apps/routerconsole/jsp/flags.jsp
View File

@@ -12,7 +12,9 @@
* with headers set so the browser caches.
*/
String c = request.getParameter("c");
if (c != null && c.length() > 0) {
if (c != null &&
(c.length() == 2 || c.length() == 7) &&
c.replaceAll("[a-z_]", "").length() == 0) {
java.io.OutputStream cout = response.getOutputStream();
String base = net.i2p.I2PAppContext.getGlobalContext().getBaseDir().getAbsolutePath();
String file = "docs" + java.io.File.separatorChar + "icons" + java.io.File.separatorChar +