Opened 3 years ago
Closed 3 years ago
#2215 closed defect (fixed)
[le Jetty-712] vlet.filters.XSSRequestWrapper
Reported by: | anonymous maybe | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | 0.9.35 |
Component: | apps/jetty | Version: | 0.9.34 |
Keywords: | Cc: | ||
Parent Tickets: | Sensitive: | no |
Description
- I2P Version and Running Environment
I2P version: 0.9.34-0-2ubuntu1 Java version: Oracle Corporation 1.8.0_162 (OpenJDK Runtime Environment 1.8.0_162-8u162-b12-1~deb9u1-b12) Wrapper version: 3.5.30 Server version: 9.2.21.v20170120 Servlet version: Jasper JSP 2.3 Engine JSTL version: standard-taglib 1.2.5 Platform: Linux amd64 4.14.18-1.pvops.qubes.x86_64 Jcpuid version: 3 Processor: Haswell Core i3/i5/i7 model 60 (coreihwl) Jbigi: Locally optimized native BigInteger library loaded from file Jbigi version: 4 GMP version: 6.1.2 Encoding: UTF-8 Charset: UTF-8
- Router Logs
4/13/18 12:34:21 PM WARN [luginStarter] rg.eclipse.jetty.server.Server: EXCEPTION : java.lang.IllegalArgumentException: File not resolvable or incompatible with URLClassloader: jar:file:/home/user/.i2p/plugins/i2pbote/console/webapps/i2pbote.war!/WEB-INF/lib/tomcat-jsp-api-8.5.23.jar 4/13/18 12:34:21 PM ^^^ 2 similar messages omitted ^^^ 4/13/18 10:01:08 PM WARN [le Jetty-712] vlet.filters.XSSRequestWrapper: URL "/images" Stripped header "If-None-Match" : ""0.9.34-0-2ubuntu1""
Subtickets
Change History (2)
comment:1 Changed 3 years ago by
Summary: | [le Jetty-712] vlet.filters.XSSRequestWrapper[le Jetty-712] vlet.filters.XSSRequestWrapper → [le Jetty-712] vlet.filters.XSSRequestWrapper |
---|
comment:2 Changed 3 years ago by
Milestone: | undecided → 0.9.35 |
---|---|
Resolution: | → fixed |
Status: | new → closed |
Note: See
TracTickets for help on using
tickets.
The PluginStarter? error you already reported in #2210, it's a bote issue.
The XSS is from the etag on the susidns image, it will show up when you load the susidns main page. I saw it during testing of the release but didn't bother to fix it at the time, it's harmless.
In c11dc8cac09eb76f5ea488248655e77b17c5158f to be 0.9.34-2