BF [ 2728388 ] - Fix potential CSS vulnerability

This commit is contained in:
mjudd 2009-04-14 07:48:20 +00:00
parent aeaee5d1a0
commit c943b4f1e4
1 changed files with 4 additions and 1 deletions

View File

@ -18,9 +18,12 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.compiere.interfaces.MD5;
import org.compiere.util.Util;
/**
* Servlet Class
*
* @author Michael Judd BF [2728388] - fix potential CSS vulnerability
*/
public class GetMD5FileServlet extends HttpServlet {
@ -55,7 +58,7 @@ public class GetMD5FileServlet extends HttpServlet {
throws ServletException,
IOException {
// TODO Auto-generated method stub
String file = req.getParameter("File");
String file = Util.maskHTML(req.getParameter("File"));
PrintWriter out = resp.getWriter();
out.println("<HTML><HEAD><TITLE>MD5 Hash</TITLE></HEAD><BODY>");
out.println("File is: "+ file + "<BR>MD5 : "+ md5.getFileMD5(file)+"<BR>");