You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Rex Wang (JIRA)" <ji...@apache.org> on 2009/05/21 11:18:45 UTC
[jira] Created: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
XSSXSRFFilter cause some link failure
--------------------------------------
Key: GERONIMO-4641
URL: https://issues.apache.org/jira/browse/GERONIMO-4641
Project: Geronimo
Issue Type: Bug
Security Level: public (Regular issues)
Affects Versions: 2.1.4, 2.1.5, 2.2
Reporter: Rex Wang
Fix For: 2.1.5, 2.2
the XSSXSRFFilter will cause the link failure when the content contains some special char.
such as
the links in Database Pools portlet
"Import from JBoss 4 "
"Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Ivan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ivan resolved GERONIMO-4641.
----------------------------
Resolution: Fixed
Commit the patch to 2.1.5 snapshot At revision: 780269, trunk At revision: 780270, thanks for the patch, Rex Wang !
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-updated.patch, GERONIMO-4641-trunk.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12711535#action_12711535 ]
Rex Wang commented on GERONIMO-4641:
------------------------------------
We need verify all the links and buttons in console to ensure the fix.
-Rex
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Fix For: 2.1.5, 2.2
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-4641:
-------------------------------
Attachment: GERONIMO-4641-b21.patch
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-4641:
-------------------------------
Attachment: GERONIMO-4641-trunk-revised.patch
GERONIMO-4641-b21-revised.patch
Sorry for the problems, these are the revised patches.
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-revised.patch, GERONIMO-4641-b21-updated.patch, GERONIMO-4641-trunk-revised.patch, GERONIMO-4641-trunk.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-4641:
-------------------------------
Attachment: GERONIMO-4641-trunk.patch
GERONIMO-4641-trunk.patch is the patch for trunk.
Could anybody help commit?
-Rex
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-updated.patch, GERONIMO-4641-trunk.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-4641:
-------------------------------
Attachment: (was: GERONIMO-4641-b21-updated.patch)
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-updated.patch, GERONIMO-4641-trunk.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Ivan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12715009#action_12715009 ]
Ivan commented on GERONIMO-4641:
--------------------------------
Commit revised patch to 2.1.5 snapshot At revision: 780580, 2.2 trunk At revision: 780581, thanks Rex !
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-revised.patch, GERONIMO-4641-b21-updated.patch, GERONIMO-4641-trunk-revised.patch, GERONIMO-4641-trunk.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang closed GERONIMO-4641.
------------------------------
Thanks Ivan
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-revised.patch, GERONIMO-4641-b21-updated.patch, GERONIMO-4641-trunk-revised.patch, GERONIMO-4641-trunk.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12712144#action_12712144 ]
Rex Wang commented on GERONIMO-4641:
------------------------------------
After Shawn's patch of GERONIMO-4640, there still some problems on the filter side.
eg: click button in the "Import from JBoss 4" portlet.
When a <form> has enctype="multipart/form-data", the XSRFHandler can not get anything by the request.getParameter("formId").
GERONIMO-4641-b21.patch can resolve this.
-Rex
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-4641:
-------------------------------
Attachment: (was: GERONIMO-4641-b21.patch)
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-updated.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-4641:
-------------------------------
Attachment: (was: GERONIMO-4641-trunk.patch)
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-updated.patch, GERONIMO-4641-trunk.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-4641:
-------------------------------
Attachment: GERONIMO-4641-b21-updated.patch
A updated patch to resolve a issue in IE.
-Rex
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-updated.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang reassigned GERONIMO-4641:
----------------------------------
Assignee: Rex Wang
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-4641) XSSXSRFFilter cause some link
failure
Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-4641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rex Wang updated GERONIMO-4641:
-------------------------------
Attachment: GERONIMO-4641-trunk.patch
GERONIMO-4641-b21-updated.patch
> XSSXSRFFilter cause some link failure
> --------------------------------------
>
> Key: GERONIMO-4641
> URL: https://issues.apache.org/jira/browse/GERONIMO-4641
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.1.4, 2.1.5, 2.2
> Reporter: Rex Wang
> Assignee: Rex Wang
> Fix For: 2.1.5, 2.2
>
> Attachments: GERONIMO-4641-b21-updated.patch, GERONIMO-4641-trunk.patch
>
>
> the XSSXSRFFilter will cause the link failure when the content contains some special char.
> such as
> the links in Database Pools portlet
> "Import from JBoss 4 "
> "Import from WebLogic 8.1 "
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.