You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@hc.apache.org by se...@apache.org on 2013/06/19 10:44:16 UTC

svn commit: r1494505 - /httpcomponents/site/httpcomponents-asyncclient-4.0-beta4/httpasyncclient-cache/apidocs/index.html

Author: sebb
Date: Wed Jun 19 08:44:15 2013
New Revision: 1494505

URL: http://svn.apache.org/r1494505
Log:
Apply fix for CVE-2013-1571, a frame injection attack

Modified:
    httpcomponents/site/httpcomponents-asyncclient-4.0-beta4/httpasyncclient-cache/apidocs/index.html

Modified: httpcomponents/site/httpcomponents-asyncclient-4.0-beta4/httpasyncclient-cache/apidocs/index.html
URL: http://svn.apache.org/viewvc/httpcomponents/site/httpcomponents-asyncclient-4.0-beta4/httpasyncclient-cache/apidocs/index.html?rev=1494505&r1=1494504&r2=1494505&view=diff
==============================================================================
--- httpcomponents/site/httpcomponents-asyncclient-4.0-beta4/httpasyncclient-cache/apidocs/index.html (original)
+++ httpcomponents/site/httpcomponents-asyncclient-4.0-beta4/httpasyncclient-cache/apidocs/index.html Wed Jun 19 08:44:15 2013
@@ -11,6 +11,42 @@
         targetPage = targetPage.substring(1);
     if (targetPage.indexOf(":") != -1)
         targetPage = "undefined";
+    if (targetPage != "" && !validURL(targetPage))
+        targetPage = "undefined";
+    function validURL(url) {
+        var pos = url.indexOf(".html");
+        if (pos == -1 || pos != url.length - 5)
+            return false;
+        var allowNumber = false;
+        var allowSep = false;
+        var seenDot = false;
+        for (var i = 0; i < url.length - 5; i++) {
+            var ch = url.charAt(i);
+            if ('a' <= ch && ch <= 'z' ||
+                    'A' <= ch && ch <= 'Z' ||
+                    ch == '$' ||
+                    ch == '_') {
+                allowNumber = true;
+                allowSep = true;
+            } else if ('0' <= ch && ch <= '9'
+                    || ch == '-') {
+                if (!allowNumber)
+                     return false;
+            } else if (ch == '/' || ch == '.') {
+                if (!allowSep)
+                    return false;
+                allowNumber = false;
+                allowSep = false;
+                if (ch == '.')
+                     seenDot = true;
+                if (ch == '/' && seenDot)
+                     return false;
+            } else {
+                return false;
+            }
+        }
+        return true;
+    }
     function loadFrames() {
         if (targetPage != "" && targetPage != "undefined")
              top.classFrame.location = top.targetPage;