packages/tomcat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
tomcat/CVE-2024-54677-2.patch
wk333 ebb0431a51 Fix CVE-2024-50379 CVE-2024-54677 
(cherry picked from commit 37b6fbcf4c334035b8423e43c24b2bea2397c27f)
2024-12-18 11:02:40 +08:00

62 lines
2.7 KiB
Diff
Raw Blame History

From 721544ea28e92549824b106be954a9f411867a1c Mon Sep 17 00:00:00 2001
From: Mark Thomas <markt@apache.org>
Date: Mon, 2 Dec 2024 17:39:05 +0000
Subject: [PATCH] Add the ability to delete session attributes.
Origin: https://github.com/apache/tomcat/commit/721544ea28e92549824b106be954a9f411867a1c
---
webapps/docs/changelog.xml | 4 ++++
.../examples/WEB-INF/classes/SessionExample.java | 14 +++++++++++---
2 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/webapps/examples/WEB-INF/classes/SessionExample.java b/webapps/examples/WEB-INF/classes/SessionExample.java
index 407e2b3c0b0f..b3de2f866956 100644
--- a/webapps/examples/WEB-INF/classes/SessionExample.java
+++ b/webapps/examples/WEB-INF/classes/SessionExample.java
@@ -1,3 +1,4 @@
+
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
@@ -16,6 +17,8 @@
import java.io.IOException;
import java.io.PrintWriter;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.Enumeration;
import java.util.ResourceBundle;
@@ -75,7 +78,7 @@ public void doGet(HttpServletRequest request, HttpServletResponse response) thro
String dataName = request.getParameter("dataname");
String dataValue = request.getParameter("datavalue");
- if (dataName != null && dataValue != null) {
+ if (dataName != null) {
session.setAttribute(dataName, dataValue);
}
@@ -85,7 +88,12 @@ public void doGet(HttpServletRequest request, HttpServletResponse response) thro
while (names.hasMoreElements()) {
String name = names.nextElement();
String value = session.getAttribute(name).toString();
- out.println(HTMLFilter.filter(name) + " = " + HTMLFilter.filter(value) + "<br>");
+ out.println(HTMLFilter.filter(name) + " = " + HTMLFilter.filter(value));
+ out.print("<a href=\"");
+ out.print(HTMLFilter.filter(
+ response.encodeURL("SessionExample?dataname=" + URLEncoder.encode(name, StandardCharsets.UTF_8))));
+ out.println("\" >delete</a>");
+ out.println("<br>");
}
out.println("<P>");
@@ -117,7 +125,7 @@ public void doGet(HttpServletRequest request, HttpServletResponse response) thro
out.println("</form>");
out.print("<p><a href=\"");
- out.print(HTMLFilter.filter(response.encodeURL("SessionExample?dataname=foo&datavalue=bar")));
+ out.print(HTMLFilter.filter(response.encodeURL("SessionExample?dataname=exampleName&datavalue=exampleValue")));
out.println("\" >URL encoded </a>");
out.println("</body>");
Reference in New Issue View Git Blame Copy Permalink