[prev in list] [next in list] [prev in thread] [next in thread]
List: xerces-cvs
Subject: svn commit: r1505819 - in /xerces/site/trunk/production/xerces2-j/javadocs: api/index.html other/ind
From: mrglavas () apache ! org
Date: 2013-07-22 21:07:31
Message-ID: 20130722210732.05ECB23888E2 () eris ! apache ! org
[Download RAW message or body]
Author: mrglavas
Date: Mon Jul 22 21:07:31 2013
New Revision: 1505819
URL: http://svn.apache.org/r1505819
Log:
Fix Javadoc vulnerability.
Modified:
xerces/site/trunk/production/xerces2-j/javadocs/api/index.html
xerces/site/trunk/production/xerces2-j/javadocs/other/index.html
xerces/site/trunk/production/xerces2-j/javadocs/xerces2/index.html
xerces/site/trunk/production/xerces2-j/javadocs/xni/index.html
xerces/site/trunk/production/xerces2-j/javadocs/xs/index.html
Modified: xerces/site/trunk/production/xerces2-j/javadocs/api/index.html
URL: http://svn.apache.org/viewvc/xerces/site/trunk/production/xerces2-j/javadocs/api/index.html?rev=1505819&r1=1505818&r2=1505819&view=diff
==============================================================================
--- xerces/site/trunk/production/xerces2-j/javadocs/api/index.html (original)
+++ xerces/site/trunk/production/xerces2-j/javadocs/api/index.html Mon Jul 22 \
21:07:31 2013 @@ -12,6 +12,42 @@ XML Standard API
targetPage = targetPage.substring(1);
if (targetPage.indexOf(":") != -1)
targetPage = "undefined";
+ if (targetPage != "" && !validURL(targetPage))
+ targetPage = "undefined";
+ function validURL(url) {
+ var pos = url.indexOf(".html");
+ if (pos == -1 || pos != url.length - 5)
+ return false;
+ var allowNumber = false;
+ var allowSep = false;
+ var seenDot = false;
+ for (var i = 0; i < url.length - 5; i++) {
+ var ch = url.charAt(i);
+ if ('a' <= ch && ch <= 'z' ||
+ 'A' <= ch && ch <= 'Z' ||
+ ch == '$' ||
+ ch == '_') {
+ allowNumber = true;
+ allowSep = true;
+ } else if ('0' <= ch && ch <= '9'
+ || ch == '-') {
+ if (!allowNumber)
+ return false;
+ } else if (ch == '/' || ch == '.') {
+ if (!allowSep)
+ return false;
+ allowNumber = false;
+ allowSep = false;
+ if (ch == '.')
+ seenDot = true;
+ if (ch == '/' && seenDot)
+ return false;
+ } else {
+ return false;
+ }
+ }
+ return true;
+ }
function loadFrames() {
if (targetPage != "" && targetPage != "undefined")
top.classFrame.location = top.targetPage;
Modified: xerces/site/trunk/production/xerces2-j/javadocs/other/index.html
URL: http://svn.apache.org/viewvc/xerces/site/trunk/production/xerces2-j/javadocs/other/index.html?rev=1505819&r1=1505818&r2=1505819&view=diff
==============================================================================
--- xerces/site/trunk/production/xerces2-j/javadocs/other/index.html (original)
+++ xerces/site/trunk/production/xerces2-j/javadocs/other/index.html Mon Jul 22 \
21:07:31 2013 @@ -12,6 +12,42 @@ Other Classes
targetPage = targetPage.substring(1);
if (targetPage.indexOf(":") != -1)
targetPage = "undefined";
+ if (targetPage != "" && !validURL(targetPage))
+ targetPage = "undefined";
+ function validURL(url) {
+ var pos = url.indexOf(".html");
+ if (pos == -1 || pos != url.length - 5)
+ return false;
+ var allowNumber = false;
+ var allowSep = false;
+ var seenDot = false;
+ for (var i = 0; i < url.length - 5; i++) {
+ var ch = url.charAt(i);
+ if ('a' <= ch && ch <= 'z' ||
+ 'A' <= ch && ch <= 'Z' ||
+ ch == '$' ||
+ ch == '_') {
+ allowNumber = true;
+ allowSep = true;
+ } else if ('0' <= ch && ch <= '9'
+ || ch == '-') {
+ if (!allowNumber)
+ return false;
+ } else if (ch == '/' || ch == '.') {
+ if (!allowSep)
+ return false;
+ allowNumber = false;
+ allowSep = false;
+ if (ch == '.')
+ seenDot = true;
+ if (ch == '/' && seenDot)
+ return false;
+ } else {
+ return false;
+ }
+ }
+ return true;
+ }
function loadFrames() {
if (targetPage != "" && targetPage != "undefined")
top.classFrame.location = top.targetPage;
Modified: xerces/site/trunk/production/xerces2-j/javadocs/xerces2/index.html
URL: http://svn.apache.org/viewvc/xerces/site/trunk/production/xerces2-j/javadocs/xerces2/index.html?rev=1505819&r1=1505818&r2=1505819&view=diff
==============================================================================
--- xerces/site/trunk/production/xerces2-j/javadocs/xerces2/index.html (original)
+++ xerces/site/trunk/production/xerces2-j/javadocs/xerces2/index.html Mon Jul 22 \
21:07:31 2013 @@ -12,6 +12,42 @@ Xerces2 Implementation
targetPage = targetPage.substring(1);
if (targetPage.indexOf(":") != -1)
targetPage = "undefined";
+ if (targetPage != "" && !validURL(targetPage))
+ targetPage = "undefined";
+ function validURL(url) {
+ var pos = url.indexOf(".html");
+ if (pos == -1 || pos != url.length - 5)
+ return false;
+ var allowNumber = false;
+ var allowSep = false;
+ var seenDot = false;
+ for (var i = 0; i < url.length - 5; i++) {
+ var ch = url.charAt(i);
+ if ('a' <= ch && ch <= 'z' ||
+ 'A' <= ch && ch <= 'Z' ||
+ ch == '$' ||
+ ch == '_') {
+ allowNumber = true;
+ allowSep = true;
+ } else if ('0' <= ch && ch <= '9'
+ || ch == '-') {
+ if (!allowNumber)
+ return false;
+ } else if (ch == '/' || ch == '.') {
+ if (!allowSep)
+ return false;
+ allowNumber = false;
+ allowSep = false;
+ if (ch == '.')
+ seenDot = true;
+ if (ch == '/' && seenDot)
+ return false;
+ } else {
+ return false;
+ }
+ }
+ return true;
+ }
function loadFrames() {
if (targetPage != "" && targetPage != "undefined")
top.classFrame.location = top.targetPage;
Modified: xerces/site/trunk/production/xerces2-j/javadocs/xni/index.html
URL: http://svn.apache.org/viewvc/xerces/site/trunk/production/xerces2-j/javadocs/xni/index.html?rev=1505819&r1=1505818&r2=1505819&view=diff
==============================================================================
--- xerces/site/trunk/production/xerces2-j/javadocs/xni/index.html (original)
+++ xerces/site/trunk/production/xerces2-j/javadocs/xni/index.html Mon Jul 22 \
21:07:31 2013 @@ -12,6 +12,42 @@ Xerces Native Interface
targetPage = targetPage.substring(1);
if (targetPage.indexOf(":") != -1)
targetPage = "undefined";
+ if (targetPage != "" && !validURL(targetPage))
+ targetPage = "undefined";
+ function validURL(url) {
+ var pos = url.indexOf(".html");
+ if (pos == -1 || pos != url.length - 5)
+ return false;
+ var allowNumber = false;
+ var allowSep = false;
+ var seenDot = false;
+ for (var i = 0; i < url.length - 5; i++) {
+ var ch = url.charAt(i);
+ if ('a' <= ch && ch <= 'z' ||
+ 'A' <= ch && ch <= 'Z' ||
+ ch == '$' ||
+ ch == '_') {
+ allowNumber = true;
+ allowSep = true;
+ } else if ('0' <= ch && ch <= '9'
+ || ch == '-') {
+ if (!allowNumber)
+ return false;
+ } else if (ch == '/' || ch == '.') {
+ if (!allowSep)
+ return false;
+ allowNumber = false;
+ allowSep = false;
+ if (ch == '.')
+ seenDot = true;
+ if (ch == '/' && seenDot)
+ return false;
+ } else {
+ return false;
+ }
+ }
+ return true;
+ }
function loadFrames() {
if (targetPage != "" && targetPage != "undefined")
top.classFrame.location = top.targetPage;
Modified: xerces/site/trunk/production/xerces2-j/javadocs/xs/index.html
URL: http://svn.apache.org/viewvc/xerces/site/trunk/production/xerces2-j/javadocs/xs/index.html?rev=1505819&r1=1505818&r2=1505819&view=diff
==============================================================================
--- xerces/site/trunk/production/xerces2-j/javadocs/xs/index.html (original)
+++ xerces/site/trunk/production/xerces2-j/javadocs/xs/index.html Mon Jul 22 21:07:31 \
2013 @@ -12,6 +12,42 @@ XML Schema API
targetPage = targetPage.substring(1);
if (targetPage.indexOf(":") != -1)
targetPage = "undefined";
+ if (targetPage != "" && !validURL(targetPage))
+ targetPage = "undefined";
+ function validURL(url) {
+ var pos = url.indexOf(".html");
+ if (pos == -1 || pos != url.length - 5)
+ return false;
+ var allowNumber = false;
+ var allowSep = false;
+ var seenDot = false;
+ for (var i = 0; i < url.length - 5; i++) {
+ var ch = url.charAt(i);
+ if ('a' <= ch && ch <= 'z' ||
+ 'A' <= ch && ch <= 'Z' ||
+ ch == '$' ||
+ ch == '_') {
+ allowNumber = true;
+ allowSep = true;
+ } else if ('0' <= ch && ch <= '9'
+ || ch == '-') {
+ if (!allowNumber)
+ return false;
+ } else if (ch == '/' || ch == '.') {
+ if (!allowSep)
+ return false;
+ allowNumber = false;
+ allowSep = false;
+ if (ch == '.')
+ seenDot = true;
+ if (ch == '/' && seenDot)
+ return false;
+ } else {
+ return false;
+ }
+ }
+ return true;
+ }
function loadFrames() {
if (targetPage != "" && targetPage != "undefined")
top.classFrame.location = top.targetPage;
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@xerces.apache.org
For additional commands, e-mail: commits-help@xerces.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic