Explorar el Código
Prevent HTTP Response splitting in case the server doesn't (#19611)
Prevent user-provided input used in the redirect from containing newline characters as the user agent would interpret subsequent parts of the input as additional headers or the actual HTTP payload. At least modern versions of Tomcat and Jetty already protect against this kind of attack by escaping received header values, but that is not necessarily the case for older versions or other servlet engines. See https://www.owasp.org/index.php/HTTP_Response_Splitting for details. Change-Id: If4b9bf5fba953073de49c1ab1cba8e5e6bc8e546tags/7.7.0.alpha1
Leif Åstrand
hace 9 años
Se han modificado 1 ficheros con 2 adiciones y 0 borrados
+ 2
- 0
server/src/com/vaadin/server/VaadinServlet.java
Ver fichero
| location = location + "/" + lastPathParameter; | location = location + "/" + lastPathParameter; | ||||
| String queryString = request.getQueryString(); | String queryString = request.getQueryString(); | ||||
| if (queryString != null) { | if (queryString != null) { | ||||
| // Prevent HTTP Response splitting in case the server doesn't | |||||
| queryString = queryString.replaceAll("[\\r\\n]", ""); | |||||
| location += '?' + queryString; | location += '?' + queryString; | ||||
| } | } | ||||
| response.sendRedirect(location); | response.sendRedirect(location); |
Cargando…