dandri/i2p.i2p
1
0
Fork 0
mirror of https://github.com/i2p/i2p.i2p.git synced 2026-06-04 17:21:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Console: Sanitize plugin name in ConfigClientsHandler

Browse Source 
reported by: bottomlineit.co.za
This commit is contained in:
zzz
2026-04-25 18:19:26 -04:00
parent bb49736b33
commit 7c99bb702e
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/routerconsole/java/src/net/i2p/router/web/helpers/ConfigClientsHandler.java
+5
View File
@@ -103,6 +103,7 @@ public class ConfigClientsHandler extends FormHandler {
// value
if (_action.startsWith("Start ")) {
String app = _action.substring(6);
app = DataHelper.stripHTML(app);
int appnum = -1;
try {
appnum = Integer.parseInt(app);
@@ -126,6 +127,7 @@ public class ConfigClientsHandler extends FormHandler {
// value
if (_action.startsWith("Delete ")) {
String app = _action.substring(7);
app = DataHelper.stripHTML(app);
int appnum = -1;
try {
appnum = Integer.parseInt(app);
@@ -165,6 +167,7 @@ public class ConfigClientsHandler extends FormHandler {
if (_action.startsWith("Stop ")) {
String app = _action.substring(5);
app = DataHelper.stripHTML(app);
int appnum = -1;
try {
appnum = Integer.parseInt(app);
@@ -197,6 +200,7 @@ public class ConfigClientsHandler extends FormHandler {
if (_action.startsWith("Update ")) {
if (pluginsEnabled) {
String app = _action.substring(7);
app = DataHelper.stripHTML(app);
updatePlugin(app);
} else {
addFormError("Plugins disabled");
@@ -208,6 +212,7 @@ public class ConfigClientsHandler extends FormHandler {
if (_action.startsWith("Check ")) {
if (pluginsEnabled) {
String app = _action.substring(6);
app = DataHelper.stripHTML(app);
checkPlugin(app);
} else {
addFormError("Plugins disabled");