source: apps/routerconsole/jsp/configpeer.jsp @ 07162b5

Last change on this file since 07162b5 was 07162b5, checked in by kytv <kytv@…>, 9 years ago

escape quotation marks in jsp files

The routerconsole's precompilejsp target failed when using the jetty packages
from Debian. These escaped jsp files also work with 'our' jetty6 (and jetty6).

  • Property mode set to 100644
File size: 3.3 KB
Line 
1<%@page contentType="text/html"%>
2<%@page pageEncoding="UTF-8"%>
3<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
4
5<html><head>
6<%@include file="css.jsi" %>
7<%=intl.title("config peers")%>
8</head><body>
9
10<%@include file="summary.jsi" %>
11<h1><%=intl._("I2P Peer Configuration")%></h1>
12<div class="main" id="main">
13 <%@include file="confignav.jsi" %>
14
15 <jsp:useBean class="net.i2p.router.web.ConfigPeerHandler" id="formhandler" scope="request" />
16 <% formhandler.storeMethod(request.getMethod()); %>
17 <jsp:setProperty name="formhandler" property="*" />
18 <jsp:setProperty name="formhandler" property="contextId" value="<%=(String)session.getAttribute(\"i2p.contextId\")%>" />
19 <jsp:getProperty name="formhandler" property="allMessages" />
20
21
22
23 <jsp:useBean class="net.i2p.router.web.ConfigPeerHelper" id="peerhelper" scope="request" />
24 <jsp:setProperty name="peerhelper" property="contextId" value="<%=(String)session.getAttribute(\"i2p.contextId\")%>" />
25
26 <% String peer = "";
27    if (request.getParameter("peer") != null)
28        peer = net.i2p.data.DataHelper.stripHTML(request.getParameter("peer"));  // XSS
29 %>
30 <div class="configure">
31 <form action="configpeer" method="POST">
32 <input type="hidden" name="nonce" value="<jsp:getProperty name="formhandler" property="newNonce" />" >
33 <a name="sh"> </a>
34 <a name="unsh"> </a>
35 <a name="bonus"> </a>
36 <h2><%=intl._("Manual Peer Controls")%></h2>
37 <div class="mediumtags"><p><%=intl._("Router Hash")%>:
38<input type="text" size="55" name="peer" value="<%=peer%>" /></p></div>
39 <h3><%=intl._("Manually Ban / Unban a Peer")%></h3>
40 <p><%=intl._("Banning will prevent the participation of this peer in tunnels you create.")%></p>
41      <div class="formaction">
42        <input type="submit" name="action" class="delete" value="<%=intl._("Ban peer until restart")%>" />
43        <input type="submit" name="action" class="accept" value="<%=intl._("Unban peer")%>" />
44        <% if (! "".equals(peer)) { %>
45        <!-- <font color="blue">&lt;---- click to verify action</font> -->
46        <% } %>
47      </div>
48
49 <h3><%=intl._("Adjust Profile Bonuses")%></h3>
50 <p><%=intl._("Bonuses may be positive or negative, and affect the peer's inclusion in Fast and High Capacity tiers. Fast peers are used for client tunnels, and High Capacity peers are used for some exploratory tunnels. Current bonuses are displayed on the")%> <a href="profiles"><%=intl._("profiles page")%></a>.</p>
51 <% long speed = 0; long capacity = 0;
52    if (! "".equals(peer)) {
53        // get existing bonus values?
54    }
55 %>
56 <div class="mediumtags"><p><%=intl._("Speed")%>:
57 <input type="text" size="8" name="speed" value="<%=speed%>" />
58 <%=intl._("Capacity")%>:
59 <input type="text" size="8" name="capacity" value="<%=capacity%>" />
60 <input type="submit" name="action" class="add" value="<%=intl._("Adjust peer bonuses")%>" /></p></div>
61 </form>
62 <a name="shitlist"> </a><h2><%=intl._("Banned Peers")%></h2>
63 <jsp:useBean class="net.i2p.router.web.ProfilesHelper" id="profilesHelper" scope="request" />
64 <jsp:setProperty name="profilesHelper" property="contextId" value="<%=(String)session.getAttribute(\"i2p.contextId\")%>" />
65 <% profilesHelper.storeWriter(out); %>
66 <jsp:getProperty name="profilesHelper" property="shitlistSummary" />
67 <div class="wideload"><h2><%=intl._("Banned IPs")%></h2>
68 <jsp:getProperty name="peerhelper" property="blocklistSummary" />
69
70</div><hr></div></div></body></html>
Note: See TracBrowser for help on using the repository browser.