dg2-new
9163d41228
* I2PSnark, Jetty, SAM, crypto: findbugs resource leaks.
2015-02-10 21:57:27 +00:00
b28eb708a4
* Console:
...
- Fix update buttons
- Don't filter parameter names starting with "nofilter_"
- Re-allow configadvanced, news URL, and unsigned update URL if routerconsole.advanced=true
- Re-allow plugin install if routerconsole.advanced=true or routerconsole.enablePluginInstall=true
- Only allow whitelisted plugin signers, unless routerconsole.allowUntrustedPlugins=true
- Re-allow clients.config changes if routerconsole.advanced=true or routerconsole.enableClientChange=true
- More escaping
* i2psnark: Fix add torrent form
2014-08-03 13:58:51 +00:00
6753d23309
Add filtering for getParameterMap()
...
Don't return null entries in getParameterValues() array
Log in getParameterValues() too
static
2014-07-26 15:09:40 +00:00
2c8223274d
filter pattern tweaks
2014-07-26 13:43:52 +00:00
f0dd09cf9c
filter logging
2014-07-26 12:18:35 +00:00
58578d9020
Console:
...
XSSFilter patch from str4d:
XSSFilter and XSSRequestWrapper were from http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
No provided license, but it is clearly intended for public consumption.
But most of it is boilerplate provided by the Servlet Filter system.
In fact, now that I have stripped out his JS-specific patterns and replaced it with the whitelist,
it is effectively identical to what I would have written from scratch.
2014-07-26 09:39:31 +00:00
51911bd9a8
fix jetty deprecations
2014-03-12 12:25:30 +00:00
str4d
ae79deff39
net.i2p.jetty.*: type arguments, unused imports
2013-11-21 10:13:34 +00:00
3d42946ff5
* Console: Remove I2PDigestAuthenticator workaround, as Jetty 7.6.11 has the fix
...
* Jetty 7.6.11
* Tomcat 6.0.37
2013-05-29 16:30:00 +00:00
813a1981d9
* Console, TunnelControllerGroup: Don't register shutdown hook if ClientAppManager is present
...
* JettyStart: Fixes for use by plugins
* RouterAppManager: Add shutdown hook
2013-04-24 15:45:15 +00:00
22025b0c3a
* Console: Fix Jetty digest auth bug causing repeated password requests
...
I2P fixes for out-of-order nonce counts.
Based on DigestAuthenticator in Jetty 7.6.10.
Includes the nonce count verification code from Tomcat 7.0.35.
ref: http://jira.codehaus.org/browse/JETTY-1468 which was closed not-a-bug.
ref: https://bugs.eclipse.org/bugs/show_bug.cgi?id=336443 in which the
Jetty implementation was introduced.
2013-04-23 18:22:48 +00:00
4358d11191
Baseline checkin of DigestAuthenticator from Jetty 7.6.10 before mods
2013-04-23 18:19:49 +00:00
5ea2832ae0
* AppManager: Register jetty, console, and SAM with manager
2013-04-19 11:41:35 +00:00
57b794f72a
* Jetty logging: Fix logging using I2PLogger class;
...
log ignored messages at debug level
2013-04-14 14:02:43 +00:00
be8697cb9a
jetty 7 first cut
2012-11-21 18:05:50 +00:00
cbc9165afd
- Add a jetty starter that can be stopped later
...
- Include jetty-i2p.jar in the updaters
2012-10-17 17:37:45 +00:00
703f28e87d
* Build:
...
- Include old commons logging classes in commons-logging.jar
- Preserve manifests in Jetty/Tomcat jars
* Jetty Logger: Promote warns to erros when a Throwable is the second arg
2012-03-11 18:30:43 +00:00
7bd83f83ed
* Jetty Logger: Put a note in wrapper log saying where the logs went
2012-03-10 21:51:20 +00:00
e1c3979af7
* Jetty logger: Fix stack trace logging
2012-03-06 14:01:13 +00:00
51f7f3a378
log all jetty warns as errors
2012-01-10 03:40:53 +00:00
33b25b5780
- Fix jetty.xml migrate quote handling
...
- Fix I2PRequestLog javadoc
- Rename jetty-threadpool.jar to jetty-java5-threadpool.jar to match ubuntu symlink
- Bundle jetty-rewrite-handler.jar (20KB) and .xml config to
make it easier to do rewrites (unused by I2P)
2012-01-01 17:57:59 +00:00
beb6d1f43f
I2PLogger fix; better log init
2011-12-31 00:49:39 +00:00
03e86fcb24
make jetty use I2P logging
2011-12-30 19:44:57 +00:00
be7623a462
- Start webapps after console for faster startup
...
- Add delay in systray port checker to ensure console is up
- Move I2PRequestLog to net.i2p.jetty package
2011-12-29 23:25:27 +00:00
