From 92171e3cf2f3803ddfd0d92e7884b8ca1983adce Mon Sep 17 00:00:00 2001
From: mcentner
Date: Tue, 19 Jan 2010 10:56:18 +0000
Subject: Fixed XSS vulerability.

git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@579 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
 BKUOnline/src/main/webapp/applet.jsp | 89 ++++++++++++++++++------------------
 1 file changed, 44 insertions(+), 45 deletions(-)

diff --git a/BKUOnline/src/main/webapp/applet.jsp b/BKUOnline/src/main/webapp/applet.jsp
index cd0a4d1b..582bee7e 100644
--- a/BKUOnline/src/main/webapp/applet.jsp
+++ b/BKUOnline/src/main/webapp/applet.jsp
@@ -16,7 +16,7 @@
 -->
 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"
-    import="at.gv.egiz.bku.online.webapp.AppletDispatcher, org.apache.commons.lang.RandomStringUtils" %>
+    import="at.gv.egiz.bku.online.webapp.AppletDispatcher, org.apache.commons.lang.RandomStringUtils, org.apache.commons.lang.StringEscapeUtils" %>
@@ -32,23 +32,30 @@ <% + String locale = StringEscapeUtils.escapeJavaScript( + (String) session.getAttribute("locale")); + int width = session.getAttribute("appletWidth") == null ? 190 : (Integer) session.getAttribute("appletWidth"); int height = session.getAttribute("appletHeight") == null ? 130 : (Integer) session.getAttribute("appletHeight"); - String backgroundImg = session.getAttribute("appletBackground") == null + String backgroundImg = StringEscapeUtils.escapeJavaScript( + session.getAttribute("appletBackground") == null ? "../img/chip32.png" - : (String) session.getAttribute("appletBackground"); - String backgroundColor = (String) session.getAttribute("appletBackgroundColor"); - String guiStyle = (String) session.getAttribute("appletGuiStyle"); - String locale = (String) session.getAttribute("locale"); - String extension = (String) session.getAttribute("extension"); - + : (String) session.getAttribute("appletBackground")); + String backgroundColor = StringEscapeUtils.escapeJavaScript( + (String) session.getAttribute("appletBackgroundColor")); + String guiStyle = StringEscapeUtils.escapeJavaScript( + (String) session.getAttribute("appletGuiStyle")); + + String sessionId = StringEscapeUtils.escapeJavaScript(session.getId()); + + String extension = (String) session.getAttribute("appletExtension"); String appletClass, appletArchive; - if ("activation".equals(extension)) { + if ("activation".equalsIgnoreCase(extension)) { appletArchive = "BKUAppletExt"; appletClass = "at.gv.egiz.bku.online.applet.ActivationApplet.class"; - } else if ("pin".equals(extension)) { + } else if ("pin".equalsIgnoreCase(extension)) { appletArchive = "BKUAppletExt"; appletClass = "at.gv.egiz.bku.online.applet.PINManagementApplet.class"; } else { @@ -73,40 +80,32 @@ %> - + if (!deployJava.versionCheck('1.6.0_04+')) { + document.write('
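Review bot: StringEscapeUtils.escapeJavaScript makes locale, backgroundImg, backgroundColor and guiStyle safe only inside the single-quoted JavaScript string literals they are emitted into; the same values are then handed to deployJava.runApplet, which presumably (as the stock deployJava.js does) builds the applet and param tags by string concatenation and document.write, so a double quote survives JavaScript decoding and lands unencoded in an HTML attribute. Because these session attributes evidently originate from request input (the reason for this fix), encode for both contexts, `StringEscapeUtils.escapeJavaScript(StringEscapeUtils.escapeHtml(value))`, or better validate each against an allowlist (a colour pattern for appletBackgroundColor, a relative image path for appletBackground, a known set for appletGuiStyle) before it reaches the page. Separately, the session key for the extension changes from "extension" to "appletExtension" and the comparison becomes case-insensitive, neither of which the commit message mentions; the code that stores that attribute is outside this hunk, and if it still uses the old key the activation and PIN applets silently fall through to the default branch. Note also that escapeJavaScript(null) returns null, so a missing attribute is still rendered as the literal text null between the quotes; that is pre-existing, but `StringUtils.defaultString(...)` around each lookup would make the absent case explicit.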

Diese Anwendung benötigt Version 6 Update 4 oder höher der Java™ Laufzeitumgebung.

'); + } else { + var attributes = { + codebase :'<%=codebase%>', + code : '<%=appletClass%>', + archive : '<%=appletArchive +".jar, commons-logging.jar, iaik_jce_me4se.jar"%>', + width : <%=width%>, + height :<%=height%>, + name : 'moccaapplet', + id : 'moccaapplet' + }; + var parameters = { + GuiStyle : '<%=guiStyle%>', + Locale : '<%=locale%>', + Background : '<%=backgroundImg%>', + BackgroundColor : '<%=backgroundColor%>', + WSDL_URL : '../stal;jsessionid=<%=sessionId%>?wsdl', + HelpURL : '../help/', + SessionID : '<%=sessionId%>', + RedirectURL : '../bkuResult', + RedirectTarget: '_parent', + EnforceRecommendedPINLength: 'true' + }; + deployJava.runApplet(attributes, parameters, '1.6.0_04'); + } + -- cgit v1.2.3
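Review bot: codebase is written unescaped into the JavaScript string at `codebase :'<%=codebase%>'` while every other string parameter in this hunk goes through escapeJavaScript; it is computed outside the hunk, and if it is derived from the request (context path or request URL) it needs the same treatment, `codebase :'<%=StringEscapeUtils.escapeJavaScript(codebase)%>',`. appletClass and appletArchive are assigned from literals in the preceding hunk, so emitting them unescaped is fine. The markup inside the document.write call appears to have been lost in this rendering of the patch, so the exact content of that line cannot be checked here; it should contain no unescaped single quote or `</script>` sequence, since that string is not passed through escapeJavaScript.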