/[Apache-SVN]

Revision 1098897

Jump to revision:
Author:	oching
Date:	Tue May 3 02:54:19 2011 UTC (12 years, 11 months ago)
Changed paths:	48
Log Message:	[MRM-1468] Fix XSS vulnerability in Archiva submitted by Marc Jansen Tan Chua o tightened up validation on input/edit forms + unit tests o added selenium tests for XSS vunerabilities o used c:out in some of the pages so output will be escaped if containing html characters

Changed paths

Path	Details
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/DeleteArtifactAction.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/appearance/EditOrganisationInfoAction.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/legacy/AddLegacyArtifactPathAction.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/networkproxies/ConfigureNetworkProxyAction.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/repositories/AddManagedRepositoryAction.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/repositories/EditManagedRepositoryAction.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/maven/archiva/web/action/DeleteArtifactAction-validation.xml	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/maven/archiva/web/action/admin/appearance/EditOrganisationInfoAction-validation.xml	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/maven/archiva/web/action/admin/legacy/AddLegacyArtifactPathAction-validation.xml	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/maven/archiva/web/action/admin/networkproxies/ConfigureNetworkProxyAction-saveNetworkProxy-validation.xml	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/maven/archiva/web/action/admin/repositories/AddManagedRepositoryAction-validation.xml	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/resources/org/apache/maven/archiva/web/action/admin/repositories/EditManagedRepositoryAction-validation.xml	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/addLegacyArtifactPath.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/addRepository.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/appearance.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/confirmAddRepository.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/deleteNetworkProxy.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/deleteRepository.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/editAppearance.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/editNetworkProxy.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/editRepository.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/legacyArtifactPath.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/networkProxies.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/repositories.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/components/companyLogo.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/deleteArtifact.jsp	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/DeleteArtifactActionTest.java	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/admin/appearance/EditOrganizationInfoActionTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/admin/legacy/	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/admin/legacy/AddLegacyArtifactPathActionTest.java	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/admin/networkproxies/	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/admin/networkproxies/ConfigureNetworkProxyActionTest.java	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/admin/repositories/AbstractManagedRepositoryActionTest.java	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/admin/repositories/AddManagedRepositoryActionTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/action/admin/repositories/EditManagedRepositoryActionTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/validator/	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/validator/utils/	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/test/java/org/apache/maven/archiva/web/validator/utils/ValidatorUtil.java	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/AppearanceTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/ArtifactManagementTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/LegacySupportTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/NetworkProxiesTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/RepositoryTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/XSSSecurityTest.java	added
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractArchivaTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractArtifactManagementTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractRepositoryTest.java	modified , text changed
archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp-test/src/test/testng/org/apache/archiva/web/test/parent/AbstractSeleniumTest.java	modified , text changed

infrastructure at apache.org	ViewVC Help
Powered by ViewVC 1.1.26