Commit Graph

34 Commits

Author SHA1 Message Date
zzz
fa9f60bcd9 Console, webapps: CSP improvements
i2ptunnel, susidns: Add headers.jsi
Console: Remove onload and use nonce for inline scripts where able
Version remaining js links
2019-12-25 12:18:00 +00:00
zzz
adb1c6f58e Jetty: Fix webapps in eepsite (ticket #2477) 2019-05-12 18:14:55 +00:00
zzz
6237fc89ad Jetty: Hide sizes and dates of directories in listings 2019-04-10 18:25:20 +00:00
zzz
316011e047 Debian: Fix version detection of Tomcat 9 required for reproducible builds 2019-01-31 11:55:43 +00:00
zzz
3527f251c8 Debian: Add build option for libtomcat9 (ticket #2364) 2019-01-24 14:15:04 +00:00
zzz
34f0d7d7b3 Build: Compile jsps in-order for reproducibility (ticket #2279) 2018-09-24 15:52:42 +00:00
zzz
6b53a4fac4 Build: Fix hang with Tomcat 8.5.33+ (ticket #2307) 2018-09-16 11:29:03 +00:00
zzz
41e20ae707 Utils: Don't truncate at a ZWJ 2018-07-25 15:34:23 +00:00
zzz
3701f71fc6 Jetty: Skip files with [] in default servlet to avoid throwing exception 2018-05-26 19:31:40 +00:00
zzz
780fdfe4f6 Console: Add POST support to the error handler so it doesn't error itself 2018-04-28 18:37:59 +00:00
zzz
16c5252c43 Jetty: Dir listing time format tweak 2018-04-28 11:32:36 +00:00
zzz
d12b531c54 Jetty: Fix quote in header line tripping XSS filter (ticket #2215) 2018-04-14 13:25:25 +00:00
zzz
2aceca5f93 Console: Add error handler to all webapps (ticket #2155)
Fix up default servlet handling in i2ptunnel and susidns
2018-03-14 18:33:14 +00:00
zzz
5b0680b29e i2psnark standalone: Add DNS rebinding protection
Add context config file to turn it off
Console: Mark request handled when rejecting in HostCheckHandler
XSSFilter: Catch cascaded ISE
2018-02-24 16:43:15 +00:00
zzz
b013173c86 Util: Allow backslash in XSS filter on Windows 2018-02-06 21:52:02 +00:00
zzz
541dae36d4 Util: New util to truncate a string that won't split across a surrogate pair 2018-01-10 17:39:58 +00:00
zzz
be004cd350 Util: Consolidate two copies of WriterOutputStream into jetty-i2p.jar 2017-12-18 12:45:04 +00:00
zzz
f5dffb0726 Susimail, Console, Jetty:
- Adjust multipart size limits
- Better handling of errors when multipart limits are exceeded
- Fix multipart config for /configplugins
- Test for total size limit in susimail
2017-12-05 21:46:11 +00:00
zzz
c299976165 Jetty: Refactor (rather than remove) RequestWrapper to use Servlet 3.0 API.
Remove old org.mortbay helper classes copied from Jetty 5, saving about 24 KB.
Large attachments will now be written to temp files. (ticket #2109)
2017-12-04 16:08:03 +00:00
zzz
14941d0dda Deprecate RequestWrapper (ticket #2109) 2017-12-03 23:09:22 +00:00
zzz
ed39ea408f Utils: Consolidate user-agent detection code in a new utility class
Add some new checks for mobile
2017-11-16 12:58:59 +00:00
zzz
24414845d0 Package changelogs
Fix extra chars in patch 1
Fix javadoc causing build error on Trusty
Deb build doc updates
2017-08-09 19:53:41 +00:00
zzz
777d2fc0f0 javadoc fix 2017-05-17 13:26:39 +00:00
zzz
3e354f2f1a Jetty: New default servlet for eepsite, with
locale-independent directory listing (ticket #1965)
2017-05-05 19:53:43 +00:00
zzz
a6e62afc1f Servlet: Catch OOM in MultiPartRequest 2017-03-01 12:58:16 +00:00
zzz
5be077e25d Clean up single char indexOf() 2016-12-02 18:52:37 +00:00
zzz
abc0f4c720 lint core, console, i2ptunnel, jetty 2015-10-17 17:38:57 +00:00
zzz
71bc55b470 lint core, i2psnark, jetty, susimail 2015-10-17 16:49:37 +00:00
zzz
7f472e4ee9 Console:
  - Move multipart form support from susimail to jetty-i2p.jar
    so console can use it
  - Add multipart form support to formhandler.jsi and FormHandler.java
Reseed:
  - Fix zip magic number
  - Finish manual reseed from local file
package.html files for jetty-i2p.jar
2015-03-20 12:30:04 +00:00
zzz
b28eb708a4 * Console:
   - Fix update buttons
   - Don't filter parameter names starting with "nofilter_"
   - Re-allow configadvanced, news URL, and unsigned update URL if routerconsole.advanced=true
   - Re-allow plugin install if routerconsole.advanced=true or routerconsole.enablePluginInstall=true
   - Only allow whitelisted plugin signers, unless routerconsole.allowUntrustedPlugins=true
   - Re-allow clients.config changes if routerconsole.advanced=true or routerconsole.enableClientChange=true
   - More escaping
 * i2psnark: Fix add torrent form
2014-08-03 13:58:51 +00:00
zzz
6753d23309 Add filtering for getParameterMap()
Don't return null entries in getParameterValues() array
Log in getParameterValues() too
static
2014-07-26 15:09:40 +00:00
zzz
2c8223274d filter pattern tweaks 2014-07-26 13:43:52 +00:00
zzz
f0dd09cf9c filter logging 2014-07-26 12:18:35 +00:00
zzz
58578d9020 Console:
XSSFilter patch from str4d:
  XSSFilter and XSSRequestWrapper were from http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
  No provided license, but it is clearly intended for public consumption.
  But most of it is boilerplate provided by the Servlet Filter system.
  In fact, now that I have stripped out his JS-specific patterns and replaced it with the whitelist,
  it is effectively identical to what I would have written from scratch.
2014-07-26 09:39:31 +00:00