fixed encoding bug made in SVN 3993

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@3998 6c8d7289-2bf4-0310-a012-ef5d649a1542
pull/1/head
orbiter 18 years ago
parent ec817a2ff5
commit 511dcbb172

@ -129,7 +129,7 @@ public class BlacklistCleaner_p {
// list illegal entries
HashMap ies = getIllegalEntries(blacklistToUse, supportedBlacklistTypes, plasmaSwitchboard.urlBlacklist);
prop.put(RESULTS + "entries", ies.size());
prop.putSafeXML(RESULTS + "blEngine", plasmaSwitchboard.urlBlacklist.getEngineInfo());
prop.put(RESULTS + "blEngine", plasmaSwitchboard.urlBlacklist.getEngineInfo());
prop.put(RESULTS + "disabled", (ies.size() == 0) ? 1 : 0);
if (ies.size() > 0) {
prop.put(RESULTS + DISABLED + "entries", ies.size());
@ -139,7 +139,7 @@ public class BlacklistCleaner_p {
while (it.hasNext()) {
s = (String)it.next();
prop.put(RESULTS + DISABLED + ENTRIES + i + "_error", ((Integer)ies.get(s)).longValue());
prop.putSafeXML(RESULTS + DISABLED + ENTRIES + i + "_entry", s);
prop.put(RESULTS + DISABLED + ENTRIES + i + "_entry", s);
i++;
}
}

@ -238,7 +238,7 @@ public class dir {
// tree += "<span class=\"tt\">path&nbsp;=&nbsp;" + path + "</span><br><br>";
if (list != null) {
int filecount = 0, fileIdx = 0;
prop.putSafeXML("path", path);
prop.put("path", path);
boolean dark = false;
for (int i = 0; i < list.length; i++) {
@ -283,12 +283,12 @@ public class dir {
prop.put("dirlist_" + fileIdx + "_dir_rfc822date" , httpc.dateString(new Date(f.lastModified())));
prop.put("dirlist_" + fileIdx + "_dir_timestamp" , Long.toString(f.lastModified()));
// the entry name
prop.putSafeXML("dirlist_" + fileIdx + "_dir_name" , fileName);
prop.put("dirlist_" + fileIdx + "_dir_name" , fileName);
if (f.isDirectory()) {
// the entry is a directory
prop.put("dirlist_" + fileIdx + "_dir" , 1);
prop.putSafeXML("dirlist_" + fileIdx + "_dir_URL","http://" + yacyCore.seedDB.mySeed.getPublicAddress() + path + fileName + "/");
prop.put("dirlist_" + fileIdx + "_dir_URL","http://" + yacyCore.seedDB.mySeed.getPublicAddress() + path + fileName + "/");
} else {
// determine if we should display the description string or a preview image
boolean showImage = /* (description.length() == 0) && */ (fileName.endsWith(".jpg") || fileName.endsWith(".gif") || fileName.endsWith(".png") || fileName.endsWith(".ico") || fileName.endsWith(".bmp"));
@ -299,8 +299,8 @@ public class dir {
prop.put("dirlist_" + fileIdx + "_dir_size" , serverMemory.bytesToString(f.length()));
prop.put("dirlist_" + fileIdx + "_dir_sizeBytes" , Long.toString(f.length()));
// the unique url
prop.putSafeXML("dirlist_" + fileIdx + "_dir_yacyhURL",yacyhURL(yacyCore.seedDB.mySeed, fileName, md5s));
prop.putSafeXML("dirlist_" + fileIdx + "_dir_URL","http://" + yacyCore.seedDB.mySeed.getPublicAddress() + path + fileName);
prop.put("dirlist_" + fileIdx + "_dir_yacyhURL",yacyhURL(yacyCore.seedDB.mySeed, fileName, md5s));
prop.put("dirlist_" + fileIdx + "_dir_URL","http://" + yacyCore.seedDB.mySeed.getPublicAddress() + path + fileName);
// the md5 sum of the file
prop.put("dirlist_" + fileIdx + "_dir_md5s",md5s);
// description mode: 0...image preview, 1...description text
@ -309,7 +309,7 @@ public class dir {
prop.put("dirlist_" + fileIdx + "_dir_descriptionMode_image",fileName);
}
// always set the description tag (needed by rss and xml)
prop.putSafeXML("dirlist_" + fileIdx + "_dir_descriptionMode_text",description);
prop.put("dirlist_" + fileIdx + "_dir_descriptionMode_text",description);
}
prop.put("dirlist_" + fileIdx + "_adminAuthorization",adminAuthorization?1:0);

@ -67,7 +67,7 @@ public class blacklists_p {
if (nextEntry.length() == 0) continue;
if (nextEntry.startsWith("#")) continue;
prop.putSafeXML("lists_" + blacklistCount + "_items_" + count + "_item", nextEntry);
prop.put("lists_" + blacklistCount + "_items_" + count + "_item", nextEntry);
count++;
}
prop.put("lists_" + blacklistCount + "_items", count);

@ -78,18 +78,18 @@ public class all {
Date date;
while(it.hasNext()){
bookmark=switchboard.bookmarksDB.getBookmark((String) it.next());
prop.putSafeXML("posts_"+count+"_url", bookmark.getUrl());
prop.putSafeXML("posts_"+count+"_title", bookmark.getTitle());
prop.putSafeXML("posts_"+count+"_description", bookmark.getDescription());
prop.putSafeXML("posts_"+count+"_md5", serverCodings.encodeMD5Hex(bookmark.getUrl()));
prop.put("posts_"+count+"_url", bookmark.getUrl());
prop.put("posts_"+count+"_title", bookmark.getTitle());
prop.put("posts_"+count+"_description", bookmark.getDescription());
prop.put("posts_"+count+"_md5", serverCodings.encodeMD5Hex(bookmark.getUrl()));
date=new Date(bookmark.getTimeStamp());
prop.putSafeXML("posts_"+count+"_time", serverDate.dateToiso8601(date));
prop.putSafeXML("posts_"+count+"_tags", bookmark.getTagsString().replaceAll(","," "));
prop.put("posts_"+count+"_time", serverDate.dateToiso8601(date));
prop.put("posts_"+count+"_tags", bookmark.getTagsString().replaceAll(","," "));
// additional XML tags
prop.put("posts_"+count+"_isExtended",extendedXML ? 1:0);
if (extendedXML) {
prop.putSafeXML("posts_"+count+"_isExtended_private", Boolean.toString(!bookmark.getPublic()));
prop.put("posts_"+count+"_isExtended_private", Boolean.toString(!bookmark.getPublic()));
}
count++;
}

@ -71,17 +71,17 @@ public class get {
if(serverDate.dateToiso8601(new Date(bookmark.getTimeStamp())) == date &&
tag==null || bookmark.getTags().contains(tag) &&
isAdmin || bookmark.getPublic()){
prop.putSafeXML("posts_"+count+"_url", bookmark.getUrl());
prop.putSafeXML("posts_"+count+"_title", bookmark.getTitle());
prop.putSafeXML("posts_"+count+"_description", bookmark.getDescription());
prop.putSafeXML("posts_"+count+"_md5", serverCodings.encodeMD5Hex(bookmark.getUrl()));
prop.putSafeXML("posts_"+count+"_time", date);
prop.putSafeXML("posts_"+count+"_tags", bookmark.getTagsString().replaceAll(","," "));
prop.put("posts_"+count+"_url", bookmark.getUrl());
prop.put("posts_"+count+"_title", bookmark.getTitle());
prop.put("posts_"+count+"_description", bookmark.getDescription());
prop.putASIS("posts_"+count+"_md5", serverCodings.encodeMD5Hex(bookmark.getUrl()));
prop.put("posts_"+count+"_time", date);
prop.put("posts_"+count+"_tags", bookmark.getTagsString().replaceAll(","," "));
// additional XML tags
prop.put("posts_"+count+"_isExtended",extendedXML ? 1:0);
if (extendedXML) {
prop.putSafeXML("posts_"+count+"_isExtended_private", Boolean.toString(!bookmark.getPublic()));
prop.putASIS("posts_"+count+"_isExtended_private", Boolean.toString(!bookmark.getPublic()));
}
count++;
}

@ -125,11 +125,11 @@ public class queues_p {
totalSize += entrySize;
initiator = yacyCore.seedDB.getConnected(pcentry.initiator());
prop.put("list-indexing_"+i+"_profile", (pcentry.profile() != null) ? pcentry.profile().name() : "deleted");
prop.putSafeXML("list-indexing_"+i+"_initiator", ((initiator == null) ? "proxy" : htmlTools.encodeUnicode2html(initiator.getName(), true)));
prop.put("list-indexing_"+i+"_initiator", ((initiator == null) ? "proxy" : htmlTools.encodeUnicode2html(initiator.getName(), true)));
prop.put("list-indexing_"+i+"_depth", pcentry.depth());
prop.put("list-indexing_"+i+"_modified", pcentry.getModificationDate());
prop.putSafeXML("list-indexing_"+i+"_anchor", (pcentry.anchorName()==null)?"":htmlTools.encodeUnicode2html(pcentry.anchorName(), true));
prop.putSafeXML("list-indexing_"+i+"_url", pcentry.url().toNormalform(false, true));
prop.put("list-indexing_"+i+"_anchor", (pcentry.anchorName()==null)?"":htmlTools.encodeUnicode2html(pcentry.anchorName(), true));
prop.put("list-indexing_"+i+"_url", pcentry.url().toNormalform(false, true));
prop.put("list-indexing_"+i+"_size", entrySize);
prop.put("list-indexing_"+i+"_inProcess", (inProcess)?1:0);
prop.put("list-indexing_"+i+"_hash", pcentry.urlHash());
@ -156,9 +156,9 @@ public class queues_p {
if (theMsg == null) continue;
prop.put("list-loader_"+count+"_profile", theMsg.profile.name());
initiator = yacyCore.seedDB.getConnected(theMsg.initiator);
prop.putSafeXML("list-loader_"+count+"_initiator", ((initiator == null) ? "proxy" : initiator.getName()));
prop.put("list-loader_"+count+"_initiator", ((initiator == null) ? "proxy" : initiator.getName()));
prop.put("list-loader_"+count+"_depth", theMsg.depth );
prop.putSafeXML("list-loader_"+count+"_url", theMsg.url.toString()); // null pointer exception here !!! maybe url = null; check reason.
prop.put("list-loader_"+count+"_url", theMsg.url.toString()); // null pointer exception here !!! maybe url = null; check reason.
count++;
}
prop.put("list-loader", count );
@ -198,8 +198,8 @@ public class queues_p {
prop.put(tableName + "_" + showNum + "_initiator", ((initiator == null) ? "proxy" : initiator.getName()));
prop.put(tableName + "_" + showNum + "_depth", urle.depth());
prop.put(tableName + "_" + showNum + "_modified", daydate(urle.loaddate()));
prop.putSafeXML(tableName + "_" + showNum + "_anchor", urle.name());
prop.putSafeXML(tableName + "_" + showNum + "_url", urle.url().toNormalform(false, true));
prop.put(tableName + "_" + showNum + "_anchor", urle.name());
prop.put(tableName + "_" + showNum + "_url", urle.url().toNormalform(false, true));
prop.put(tableName + "_" + showNum + "_hash", urle.urlhash());
showNum++;
}

@ -70,7 +70,7 @@ public class snippet {
}
prop.put("link", 0);
prop.put("links", 0);
prop.putSafeXML("favicon",snippet.getFavicon()==null?"":snippet.getFavicon().toString());
prop.put("favicon",snippet.getFavicon()==null?"":snippet.getFavicon().toString());
} else {
// attach media information
ArrayList mediaSnippets = switchboard.snippetCache.retrieveMediaSnippets(url, queryHashes, media, true, mediasnippet_timeout);

@ -95,12 +95,12 @@ public class getpageinfo_p {
prop.put("title", scraper.getTitle());
// put the favicon that belongs to the document
prop.putSafeXML("favicon", (scraper.getFavicon()==null)?"":scraper.getFavicon().toString());
prop.put("favicon", (scraper.getFavicon()==null)?"":scraper.getFavicon().toString());
// put keywords
String list[]=scraper.getKeywords();
for(int i=0;i<list.length;i++){
prop.putSafeXML("tags_"+i+"_tag", list[i]);
prop.put("tags_"+i+"_tag", list[i]);
}
prop.put("tags", list.length);

@ -86,13 +86,6 @@ public class serverObjects extends Hashtable implements Cloneable {
super(input);
}
/**
* like put, but it replaces any HTML special chars.
*/
public Object putSafeXML(Object key, String value){
return put(key, htmlTools.encodeUnicode2html(value, true));
}
// new put takes also null values
public Object put(Object key, Object value) {
if (key == null) {
@ -113,8 +106,7 @@ public class serverObjects extends Hashtable implements Cloneable {
// string variant
public String put(String key, String value) {
//return putASIS(key, value);
return (String)putSafeXML(key, value); //XSS Safe!
return (String) put((Object) key, (Object) htmlTools.encodeUnicode2html(value, true));
}
public byte[] putASIS(String key, byte[] value) {
return (byte[]) this.put((Object) key, (Object) value);

@ -102,8 +102,8 @@ public final class yacyClient {
// generate request
final serverObjects obj = new serverObjects();
salt = yacyNetwork.enrichRequestPost(obj, plasmaSwitchboard.getSwitchboard(), null);
obj.put("count", "20");
obj.put("seed", yacyCore.seedDB.mySeed.genSeedStr(salt));
obj.putASIS("count", "20");
obj.putASIS("seed", yacyCore.seedDB.mySeed.genSeedStr(salt));
// send request
result = nxTools.table(
@ -237,8 +237,8 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
String salt = yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), target.hash);
post.put("object", "seed");
post.put("env", seedHash);
post.putASIS("object", "seed");
post.putASIS("env", seedHash);
// send request
try {
@ -267,9 +267,9 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), target.hash);
post.put("object", "rwicount");
post.put("ttl", "0");
post.put("env", wordHash);
post.putASIS("object", "rwicount");
post.putASIS("ttl", "0");
post.putASIS("env", wordHash);
// send request
try {
@ -300,9 +300,9 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), target.hash);
post.put("object", "lurlcount");
post.put("ttl", "0");
post.put("env", "");
post.putASIS("object", "lurlcount");
post.putASIS("ttl", "0");
post.putASIS("env", "");
// send request
try {
@ -373,22 +373,22 @@ public final class yacyClient {
final serverObjects post = new serverObjects();
final String salt = yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), target.hash);
long duetime = timingProfile.duetime();
post.put("myseed", yacyCore.seedDB.mySeed.genSeedStr(salt));
post.putASIS("myseed", yacyCore.seedDB.mySeed.genSeedStr(salt));
post.put("count", timingProfile.getTargetCount(plasmaSearchTimingProfile.PROCESS_POSTSORT));
post.put("resource", ((global) ? "global" : "local"));
post.putASIS("resource", ((global) ? "global" : "local"));
post.put("partitions", partitions);
post.put("query", wordhashes);
post.put("exclude", excludehashes);
post.put("urls", urlhashes);
post.put("prefer", prefer);
post.put("filter", filter);
post.put("ttl", "0");
post.putASIS("query", wordhashes);
post.putASIS("exclude", excludehashes);
post.putASIS("urls", urlhashes);
post.putASIS("prefer", prefer);
post.putASIS("filter", filter);
post.putASIS("ttl", "0");
post.put("duetime", Long.toString(duetime));
post.put("timing", crypt.simpleEncode(timingProfile.targetToString())); // new duetimes splitted by specific search tasks
post.putASIS("timing", crypt.simpleEncode(timingProfile.targetToString())); // new duetimes splitted by specific search tasks
post.put("maxdist", maxDistance);
post.put("profile", crypt.simpleEncode(rankingProfile.toExternalString()));
post.put("constraint", constraint.exportB64());
if (abstractCache != null) post.put("abstracts", "auto");
post.putASIS("profile", crypt.simpleEncode(rankingProfile.toExternalString()));
post.putASIS("constraint", constraint.exportB64());
if (abstractCache != null) post.putASIS("abstracts", "auto");
final long timestamp = System.currentTimeMillis();
// send request
@ -570,7 +570,7 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), targetHash);
post.put("process", "permission");
post.putASIS("process", "permission");
// send request
try {
@ -599,9 +599,9 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
final String salt = yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), targetHash);
post.put("process", "post");
post.put("myseed", yacyCore.seedDB.mySeed.genSeedStr(salt));
post.put("subject", subject);
post.putASIS("process", "post");
post.putASIS("myseed", yacyCore.seedDB.mySeed.genSeedStr(salt));
post.putASIS("subject", subject);
try {
post.put("message", new String(message, "UTF-8"));
} catch (UnsupportedEncodingException e) {
@ -647,11 +647,11 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), null);
post.put("process", "permission");
post.put("purpose", "crcon");
post.put("filename", filename);
post.put("filesize", Long.toString(filesize));
post.put("can-send-protocol", "http");
post.putASIS("process", "permission");
post.putASIS("purpose", "crcon");
post.putASIS("filename", filename);
post.putASIS("filesize", Long.toString(filesize));
post.putASIS("can-send-protocol", "http");
// send request
try {
@ -680,12 +680,12 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), null);
post.put("process", "store");
post.put("purpose", "crcon");
post.put("filename", filename);
post.putASIS("process", "store");
post.putASIS("purpose", "crcon");
post.putASIS("filename", filename);
post.put("filesize", Long.toString(file.length));
post.put("md5", serverCodings.encodeMD5Hex(file));
post.put("access", access);
post.putASIS("md5", serverCodings.encodeMD5Hex(file));
post.putASIS("access", access);
HashMap files = new HashMap();
files.put("filename", file);
@ -747,18 +747,18 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), target.hash);
post.put("process", "crawl");
post.putASIS("process", "crawl");
if (url.length == 1) {
post.put("url", crypt.simpleEncode(url[0].toNormalform(true, true)));
post.put("referrer", crypt.simpleEncode((referrer[0] == null) ? "" : referrer[0].toNormalform(true, true)));
post.putASIS("url", crypt.simpleEncode(url[0].toNormalform(true, true)));
post.putASIS("referrer", crypt.simpleEncode((referrer[0] == null) ? "" : referrer[0].toNormalform(true, true)));
} else {
for (int i=0; i< url.length; i++) {
post.put("url" + i, crypt.simpleEncode(url[i].toNormalform(true, true)));
post.put("ref" + i, crypt.simpleEncode((referrer[i] == null) ? "" : referrer[i].toNormalform(true, true)));
post.putASIS("url" + i, crypt.simpleEncode(url[i].toNormalform(true, true)));
post.putASIS("ref" + i, crypt.simpleEncode((referrer[i] == null) ? "" : referrer[i].toNormalform(true, true)));
}
}
post.put("depth", "0");
post.put("ttl", "0");
post.putASIS("depth", "0");
post.putASIS("ttl", "0");
// determining target address
final String address = target.getClusterAddress();
@ -820,12 +820,12 @@ public final class yacyClient {
// prepare request
final serverObjects post = new serverObjects();
String salt = yacyNetwork.enrichRequestPost(post, plasmaSwitchboard.getSwitchboard(), target.hash);
post.put("process", process);
post.put("urlhash", ((entry == null) ? "" : entry.hash()));
post.put("result", result);
post.put("reason", reason);
post.put("wordh", wordhashes);
post.put("lurlEntry", ((entry == null) ? "" : crypt.simpleEncode(entry.toString(), salt)));
post.putASIS("process", process);
post.putASIS("urlhash", ((entry == null) ? "" : entry.hash()));
post.putASIS("result", result);
post.putASIS("reason", reason);
post.putASIS("wordh", wordhashes);
post.putASIS("lurlEntry", ((entry == null) ? "" : crypt.simpleEncode(entry.toString(), salt)));
// determining target address
final String address = target.getClusterAddress();
@ -951,7 +951,7 @@ public final class yacyClient {
// enabling gzip compression for post request body
if ((gzipBody) && (targetSeed.getVersion() >= yacyVersion.YACY_SUPPORTS_GZIP_POST_REQUESTS)) {
post.put(httpc.GZIP_POST_BODY,"true");
post.putASIS(httpc.GZIP_POST_BODY,"true");
}
post.put("wordc", Integer.toString(indexes.length));
@ -978,8 +978,8 @@ public final class yacyClient {
return result;
}
post.put("entryc", Integer.toString(indexcount));
post.put("indexes", entrypost.toString());
post.put("entryc", indexcount);
post.putASIS("indexes", entrypost.toString());
try {
final ArrayList v = nxTools.strings(
httpc.wput(
@ -1018,7 +1018,7 @@ public final class yacyClient {
// enabling gzip compression for post request body
if ((gzipBody) && (targetSeed.getVersion() >= yacyVersion.YACY_SUPPORTS_GZIP_POST_REQUESTS)) {
post.put(httpc.GZIP_POST_BODY,"true");
post.putASIS(httpc.GZIP_POST_BODY,"true");
}
String resource = "";
@ -1028,13 +1028,13 @@ public final class yacyClient {
if (urls[i] != null) {
resource = urls[i].toString();
if (resource != null) {
post.put("url" + urlc, resource);
post.putASIS("url" + urlc, resource);
urlPayloadSize += resource.length();
urlc++;
}
}
}
post.put("urlc", Integer.toString(urlc));
post.put("urlc", urlc);
try {
final ArrayList v = nxTools.strings(
httpc.wput(

Loading…
Cancel
Save