aboutsummaryrefslogtreecommitdiff
path: root/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java
diff options
context:
space:
mode:
Diffstat (limited to 'pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java')
-rw-r--r--pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java14
1 files changed, 11 insertions, 3 deletions
diff --git a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java
index 670756de..72128a9c 100644
--- a/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java
+++ b/pdf-as-web/src/main/java/at/gv/egiz/pdfas/web/servlets/ErrorPage.java
@@ -32,6 +32,7 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.StringEscapeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -113,9 +114,16 @@ public class ErrorPage extends HttpServlet {
if (errorURL != null
&& WebConfiguration.isProvidePdfURLinWhitelist(errorURL)) {
String template = PdfAsHelper.getErrorRedirectTemplateSL();
- template = template.replace("##ERROR_URL##", errorURL);
-
+
URL url = new URL(errorURL);
+ String errorURLProcessed = url.getProtocol() + "://" + // "http" + "://
+ url.getHost() + // "myhost"
+ ":" + // ":"
+ url.getPort() + // "8080"
+ url.getPath();
+
+ template = template.replace("##ERROR_URL##", errorURLProcessed);
+
String extraParams = UrlParameterExtractor
.buildParameterFormString(url);
template = template.replace("##ADD_PARAMS##", extraParams);
@@ -126,7 +134,7 @@ public class ErrorPage extends HttpServlet {
target = "_self";
}
- template = template.replace("##TARGET##", target);
+ template = template.replace("##TARGET##", StringEscapeUtils.escapeHtml4(target));
if (e != null && WebConfiguration.isShowErrorDetails()) {
template = template.replace("##CAUSE##",
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-15 22:55:30 +0000