From: markt
Date: Thu, 14 Jun 2007 01:55:09 +0000 (+0000)
Subject: Fix XSS issue in Manager and Host Manager. This is CVE-2007-2450.
X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=be099b30fdff0e8bd6d4a731b21124206f4698da;p=tomcat7.0

Fix XSS issue in Manager and Host Manager. This is CVE-2007-2450.

git-svn-id: https://svn.apache.org/repos/asf/tomcat/tc6.0.x/trunk@547077 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/java/org/apache/catalina/manager/HTMLManagerServlet.java b/java/org/apache/catalina/manager/HTMLManagerServlet.java
index 9915c0820..49afafecc 100644
--- a/java/org/apache/catalina/manager/HTMLManagerServlet.java
+++ b/java/org/apache/catalina/manager/HTMLManagerServlet.java
@@ -130,8 +130,7 @@ public final class HTMLManagerServlet extends ManagerServlet {
             message = stop(path);
         } else {
             message =
-                sm.getString("managerServlet.unknownCommand",
-                             RequestUtil.filter(command));
+                sm.getString("managerServlet.unknownCommand", command);
         }
 
         list(request, response, message);
@@ -305,7 +304,11 @@ public final class HTMLManagerServlet extends ManagerServlet {
         // Message Section
         args = new Object[3];
         args[0] = sm.getString("htmlManagerServlet.messageLabel");
-        args[1] = (message == null || message.length() == 0) ? "OK" : message;
+        if (message == null || message.length() == 0) {
+            args[1] = "OK";
+        } else {
+            args[1] = RequestUtil.filter(message);
+        }
         writer.print(MessageFormat.format(Constants.MESSAGE_SECTION, args));
 
         // Manager Section
diff --git a/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java b/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java
index 55fc94bea..daf1ae92f 100644
--- a/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java
+++ b/java/org/apache/catalina/manager/host/HTMLHostManagerServlet.java
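Review bot: Dropping `RequestUtil.filter(command)` from the unknownCommand message is only safe because `list()` now escapes `message` at the output point (the -305 hunk below); nothing at this assignment records that, so a later maintainer may re-add filtering here (double-escaping `&` in the rendered text) or route `message` to a new sink that prints it raw. A one-line comment would pin the contract: `// keep message unescaped here; list() filters it before rendering`. The enclosing method starts and ends outside the hunk.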
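Review bot: `RequestUtil.filter(message)` on the new `else` branch escapes once at the sink, which is the right place, but the same four-line block is duplicated verbatim in HTMLHostManagerServlet (its -195 hunk), so the two servlets can drift; keeping the original one-liner with the filter folded in, `args[1] = (message == null || message.length() == 0) ? "OK" : RequestUtil.filter(message);`, or a shared helper on the common superclass, keeps the escaping in one place. The fix also assumes `{1}` in Constants.MESSAGE_SECTION is substituted as element text content; if the template ever placed it inside an attribute value, the character set `RequestUtil.filter` handles (to my knowledge `<`, `>`, `&` and `"`, not `'`) would need confirming against the quoting style used. The enclosing method starts and ends outside the hunk.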
@@ -32,6 +32,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.catalina.Container;
 import org.apache.catalina.Host;
+import org.apache.catalina.util.RequestUtil;
 import org.apache.catalina.util.ServerInfo;
 
 /**
@@ -195,7 +196,11 @@ public final class HTMLHostManagerServlet extends HostManagerServlet {
         // Message Section
         args = new Object[3];
         args[0] = sm.getString("htmlHostManagerServlet.messageLabel");
-        args[1] = (message == null || message.length() == 0) ? "OK" : message;
+        if (message == null || message.length() == 0) {
+            args[1] = "OK";
+        } else {
+            args[1] = RequestUtil.filter(message);
+        }
         writer.print(MessageFormat.format(Constants.MESSAGE_SECTION, args));
 
         // Manager Section