goldcollection
/
muwire
mirror of https://github.com/zlatinb/muwire
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

sanitize input in /FileDetails page. Thanks to Beardog for the report

hotfix/0.8.7
Zlatin Balevsky 2021-07-06 20:37:58 +01:00
parent accf8301ad
commit a73a7a4ad3
No known key found for this signature in database
GPG Key ID: A72832072D525E41
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
webui/src/main/webapp/FileDetails.jsp
View File

@ -11,7 +11,7 @@ String helptext = Util._t("View details about the selected shared file here.");
String path = request.getParameter("path"); String path = request.getParameter("path");
File file = Util.getFromPathElements(path); File file = Util.getFromPathElements(path);
String filePath = Util.escapeHTMLinXML(file.getAbsolutePath());
%> %>
<html> <html>
@ -31,7 +31,7 @@ File file = Util.getFromPathElements(path);
<%@include file="sidebar.jsi"%> <%@include file="sidebar.jsi"%>
</aside> </aside>
<section class="main foldermain"> <section class="main foldermain">
<h2><%=Util._t("Details for {0}", file.getAbsolutePath())%></h2> <h2><%=Util._t("Details for {0}", filePath)%></h2>
<h3><%=Util._t("Search Hits")%></h3> <h3><%=Util._t("Search Hits")%></h3>
<div id="table-wrapper"> <div id="table-wrapper">
<div id="table-scroll"> <div id="table-scroll">