Changeset 5b0680b


Timestamp:
Feb 24, 2018 4:43:15 PM (2 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
005f7372
Parents:
9d989c6
Message:

i2psnark standalone: Add DNS rebinding protection
Add context config file to turn it off
Console: Mark request handled when rejecting in HostCheckHandler?
XSSFilter: Catch cascaded ISE

Location:
apps
Files:
3 added
5 edited

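--- a/apps/i2psnark/java/build.xml
+++ b/apps/i2psnark/java/build.xml
@@ -51,8 +51,9 @@
                 <!-- jsp-api.jar only present for debian builds -->
                 <pathelement location="../../jetty/jettylib/jsp-api.jar" />
-                <!-- jetty-i2p.jar only for RunStandalone -->
+                <!-- following jars only for standalone builds -->
                 <pathelement location="../../jetty/jettylib/jetty-i2p.jar" />
-                <!-- systray.jar only for RunStandalone -->
                 <pathelement location="../../systray/java/build/systray.jar" />
+                <pathelement location="../../jetty/jettylib/org.mortbay.jetty.jar" />
+                <pathelement location="../../jetty/jettylib/jetty-util.jar" />
             </classpath>
         </javac>
@@ -320,4 +321,5 @@
         <copy file="../i2psnark.war" tofile="./dist/webapps/i2psnark.war" />
         <copy file="../jetty-i2psnark.xml" tofile="./dist/jetty-i2psnark.xml" />
+        <copy file="../i2psnark-appctx.config" tofile="./dist/i2psnark-appctx.config" />
         <copy file="./build/i2psnark-standalone.jar" tofile="./dist/i2psnark.jar" />
         <copy file="../readme-standalone.txt" tofile="./dist/readme.txt" />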
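--- a/apps/i2psnark/java/src/org/klomp/snark/standalone/RunStandalone.java
+++ b/apps/i2psnark/java/src/org/klomp/snark/standalone/RunStandalone.java
@@ -2,7 +2,10 @@
 
 import java.io.File;
+import java.io.IOException;
+import java.util.Properties;
 
 import net.i2p.I2PAppContext;
 import net.i2p.apps.systray.UrlLauncher;
+import net.i2p.data.DataHelper;
 import net.i2p.jetty.JettyStart;
 
@@ -17,7 +20,14 @@
     private String _host = "127.0.0.1";
     private static RunStandalone _instance;
+    static final File APP_CONFIG_FILE = new File("i2psnark-appctx.config");
 
     private RunStandalone(String args[]) throws Exception {
-        _context = I2PAppContext.getGlobalContext();
+        Properties p = new Properties();
+        if (APP_CONFIG_FILE.exists()) {
+            try {
+                DataHelper.loadProps(p, APP_CONFIG_FILE);
+            } catch (IOException ioe) {}
+        }
+        _context = new I2PAppContext(p);
         File base = _context.getBaseDir();
         File xml = new File(base, "jetty-i2psnark.xml");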
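Review bot: `APP_CONFIG_FILE` is a relative path, so the file that (per the commit message) can turn the DNS rebinding protection off is looked up in whatever directory the process was started from, and a load failure is discarded by the empty `catch (IOException ioe) {}`. If that working directory is writable by another local account, that account effectively decides whether the protection is on. When the file exists but cannot be read, the app presumably runs with defaults and says nothing, which hides a misconfiguration. I would at least report the failure, e.g. `} catch (IOException ioe) { System.err.println("Cannot read " + APP_CONFIG_FILE + ": " + ioe); }`, and add a comment on the constant stating that it is resolved against the current working directory. The constructor continues past the end of this hunk.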
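--- a/apps/i2psnark/jetty-i2psnark.xml
+++ b/apps/i2psnark/jetty-i2psnark.xml
@@ -56,4 +56,7 @@
         <Set name="handlers">
          <Array type="org.eclipse.jetty.server.Handler">
+           <Item>
+             <New id="HostChecker" class="org.klomp.snark.standalone.HostCheckHandler"/>
+           </Item>
            <Item>
              <New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection"/>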
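Review bot: The position of the new `HostChecker` item ahead of `Contexts` is what makes the check effective, but nothing in the file says so, and a later reordering of the array would let requests reach the contexts unchecked. A comment above the item would pin the ordering, e.g. `<!-- HostChecker must remain the first handler so its check runs before any context -->`. Whether a rejected request is actually kept away from `Contexts` depends on the enclosing handler container and on `org.klomp.snark.standalone.HostCheckHandler` marking the request handled; neither is visible in this hunk, so that is worth confirming.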
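--- a/apps/jetty/java/src/net/i2p/servlet/filters/XSSFilter.java
+++ b/apps/jetty/java/src/net/i2p/servlet/filters/XSSFilter.java
@@ -34,5 +34,9 @@
             // the data keeps coming and the connection gets reset.
             // This way we at least get the error to the browser.
-            ((HttpServletResponse)response).sendError(413, ise.getMessage());
+            try {
+                ((HttpServletResponse)response).sendError(413, ise.getMessage());
+            } catch (IllegalStateException ise2) {
+                // Committed, probably wasn't a multipart form error after all
+            }
         }
     }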
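Review bot: The new inner `catch (IllegalStateException ise2)` discards both exceptions, and its own comment concedes that the outer `ise` then "probably wasn't a multipart form error after all", so an unrelated failure on an already committed response now disappears without a trace. I would log `ise` in that branch with whatever logger the class has (none is visible here). Alternatively, test `response.isCommitted()` first and call `sendError(413, ...)` only when it is false, so that an exception is not used for control flow. The enclosing method and the outer `catch` start above this hunk.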
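--- a/apps/routerconsole/java/src/net/i2p/router/web/HostCheckHandler.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/HostCheckHandler.java
@@ -79,4 +79,5 @@
             log.logAlways(Log.WARN, s);
             httpResponse.sendError(403, s);
+            baseRequest.setHandled(true);
             return;
         }
@@ -93,4 +94,5 @@
                     (redir == null && "1".equals(httpRequest.getHeader("Upgrade-Insecure-Requests")))) {
                     sendRedirect(httpsPort, httpRequest, httpResponse);
+                    baseRequest.setHandled(true);
                     return;
                 }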
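Review bot: Both added `baseRequest.setHandled(true);` calls, after `sendError(403, s)` and after `sendRedirect(...)`, carry no comment, and the commit message itself ends this item with a question mark, so a reader cannot tell whether they are required or merely defensive. A one-line comment at the first call would settle it, e.g. `// mark handled so no later handler in the chain processes a request we just rejected`. That wording assumes other handlers can run after this one, which the hunks do not show. The enclosing method starts and ends outside both hunks.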