Commit a0b00508
Written on Feb 07, 2014
Author: Jesse Glick
[FIXED SECURITY-77] XSS in iconSize cookie.
Parent: 535c1115
Showing 4 changed files with 15 additions and 7 deletions (+15 -7)
core/src/main/java/hudson/Functions.java (+11 -0)
core/src/main/java/hudson/model/View.java (+1 -1)
core/src/main/java/jenkins/model/Jenkins.java (+2 -5)
core/src/main/resources/lib/hudson/setIconSize.jelly (+1 -1)
core/src/main/java/hudson/Functions.java
...
...
@@ -123,6 +123,8 @@ import java.util.logging.Logger;
import
java.util.logging.SimpleFormatter
;
import
java.util.regex.Pattern
;
import
org.apache.commons.lang.StringUtils
;
import
org.kohsuke.accmod.Restricted
;
import
org.kohsuke.accmod.restrictions.NoExternalUse
;
/**
* Utility functions used in views.
...
...
@@ -426,6 +428,15 @@ public class Functions {
return
c
.
getValue
();
}
private
static
final
Pattern
ICON_SIZE
=
Pattern
.
compile
(
"\\d+x\\d+"
);
@Restricted
(
NoExternalUse
.
class
)
public
static
String
validateIconSize
(
String
iconSize
)
throws
SecurityException
{
if
(!
ICON_SIZE
.
matcher
(
iconSize
).
matches
())
{
throw
new
SecurityException
(
"invalid iconSize"
);
}
return
iconSize
;
}
/**
* Gets the suffix to use for YUI JavaScript.
*/
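Review bot: validateIconSize throws on mismatch, so every read site that hands it a client-supplied cookie value (View.java and setIconSize.jelly in this same commit) turns a stale or tampered iconSize cookie into a SecurityException at render time instead of falling back to "32x32"; consider a sibling that returns the default on mismatch, or catching at the read sites, so a malformed cookie cannot make pages error out for that browser until it is cleared. The pattern itself does the job: `matches()` is fully anchored and `\\d+x\\d+` leaves no room for quotes, angle brackets or script in the value, which is what closes the XSS; bounding the digit runs (for example `\\d{1,3}x\\d{1,3}`) would additionally reject absurd sizes. The public @Restricted method also has no Javadoc saying it exists for core's own views and why it throws rather than returns a default.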
...
...
core/src/main/java/hudson/model/View.java
...
...
@@ -766,7 +766,7 @@ public abstract class View extends AbstractModelObject implements AccessControll
{
StaplerRequest
req
=
Stapler
.
getCurrentRequest
();
iconSize
=
req
!=
null
?
Functions
.
getCookie
(
req
,
"iconSize"
,
"32x32"
)
:
"32x32"
;
iconSize
=
req
!=
null
?
Functions
.
validateIconSize
(
Functions
.
getCookie
(
req
,
"iconSize"
,
"32x32"
)
)
:
"32x32"
;
}
@Override
protected
void
compute
()
throws
Exception
{
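Review bot: a non-matching cookie now makes Functions.validateIconSize throw a SecurityException out of this initializer block, so constructing this object fails for any browser carrying a bad iconSize cookie; since the cookie is client-controlled and was never guaranteed to be well-formed, prefer wrapping the call and falling back to "32x32" on SecurityException here. Minor: the "32x32" default is spelled out twice in the same statement (as getCookie's fallback and in the null-request branch); a constant shared with Functions would keep the two in step.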
...
...
core/src/main/java/jenkins/model/Jenkins.java
...
...
@@ -295,7 +295,6 @@ import java.util.logging.Level;
import
static
java
.
util
.
logging
.
Level
.
SEVERE
;
import
java.util.logging.LogRecord
;
import
java.util.logging.Logger
;
import
java.util.regex.Pattern
;
import
javax.annotation.CheckForNull
;
import
javax.annotation.Nonnull
;
import
javax.annotation.Nullable
;
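Review bot: dropping `import java.util.regex.Pattern;` is only safe if the ICON_SIZE field further down was the sole use of Pattern in Jenkins.java; the later hunk in this file removes that field, so the change compiles, but the two hunks must travel together if this commit is ever cherry-picked or backported.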
...
...
@@ -3417,9 +3416,9 @@ public class Jenkins extends AbstractCIBase implements ModifiableTopLevelItemGro
*/
public
void
doIconSize
(
StaplerRequest
req
,
StaplerResponse
rsp
)
throws
IOException
,
ServletException
{
String
qs
=
req
.
getQueryString
();
if
(
qs
==
null
||
!
ICON_SIZE
.
matcher
(
qs
).
matches
()
)
if
(
qs
==
null
)
throw
new
ServletException
();
Cookie
cookie
=
new
Cookie
(
"iconSize"
,
qs
);
Cookie
cookie
=
new
Cookie
(
"iconSize"
,
Functions
.
validateIconSize
(
qs
)
);
cookie
.
setMaxAge
(
/* ~4 mo. */
9999999
);
// #762
rsp
.
addCookie
(
cookie
);
String
ref
=
req
.
getHeader
(
"Referer"
);
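Review bot: the two error paths are now inconsistent: a missing query string still raises a ServletException, while a malformed one raises an unchecked SecurityException from Functions.validateIconSize, which the container or Stapler may map to a different status or error page; catch it here and rethrow as ServletException (or answer with 400) so both invalid inputs behave the same. Validating the value before it goes into the Cookie is the right fix for this handler, since it is the one place the server itself writes the cookie; it does not on its own protect the read sites, which is why the View.java and Jelly changes are also needed. The pre-existing `/* ~4 mo. */ 9999999` max-age would read better as a named constant.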
...
...
@@ -3964,8 +3963,6 @@ public class Jenkins extends AbstractCIBase implements ModifiableTopLevelItemGro
private
static
final
Logger
LOGGER
=
Logger
.
getLogger
(
Jenkins
.
class
.
getName
());
private
static
final
Pattern
ICON_SIZE
=
Pattern
.
compile
(
"\\d+x\\d+"
);
public
static
final
PermissionGroup
PERMISSIONS
=
Permission
.
HUDSON_PERMISSIONS
;
public
static
final
Permission
ADMINISTER
=
Permission
.
HUDSON_ADMINISTER
;
public
static
final
Permission
READ
=
new
Permission
(
PERMISSIONS
,
"Read"
,
Messages
.
_Hudson_ReadPermission_Description
(),
Permission
.
READ
,
PermissionScope
.
JENKINS
);
...
...
core/src/main/resources/lib/hudson/setIconSize.jelly
...
...
@@ -27,7 +27,7 @@ THE SOFTWARE.
-->
<?jelly escape-by-default='true'?>
<j:jelly xmlns:j="jelly:core" xmlns:x="jelly:xml" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
<j:set scope="parent" var="iconSize" value="${h.
getCookie(request,'iconSize','32x32'
)}" />
<j:set scope="parent" var="iconSize" value="${h.
validateIconSize(h.getCookie(request,'iconSize','32x32')
)}" />
<!--
balls look smaller than their actual size,
so we try not to make the secondary icons look bigger than the icon.
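Review bot: `h.validateIconSize(...)` inside a `${...}` expression means a non-matching cookie aborts rendering of this tag with a SecurityException instead of yielding the "32x32" default, which is a harsh outcome for a view fragment; a variant that returns the default on mismatch would be the safer call here. Also confirm that the access-modifier checker accepts a `@Restricted(NoExternalUse.class)` method being reached through the `h` binding from core's own Jelly, since that is the only way this view can call it.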
...
...