From 2895197d0dad246757d8d1d9eea181cbf0543ae9 Mon Sep 17 00:00:00 2001 From: Bosanac Dejan Date: Wed, 7 Apr 2010 13:55:14 +0000 Subject: [PATCH] https://issues.apache.org/activemq/browse/AMQ-2613 - more web console sanitation git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@931552 13f79535-47bb-0310-9956-ffa450edef68 --- .../activemq/web/controller/SendMessage.java | 3 ++ .../src/main/webapp/browse.jsp | 10 ++--- .../src/main/webapp/connection.jsp | 44 +++++++++---------- .../src/main/webapp/message.jsp | 26 +++++------ 4 files changed, 43 insertions(+), 40 deletions(-) diff --git a/activemq-web-console/src/main/java/org/apache/activemq/web/controller/SendMessage.java b/activemq-web-console/src/main/java/org/apache/activemq/web/controller/SendMessage.java index 616b860750..a521a6a0aa 100644 --- a/activemq-web-console/src/main/java/org/apache/activemq/web/controller/SendMessage.java +++ b/activemq-web-console/src/main/java/org/apache/activemq/web/controller/SendMessage.java @@ -178,6 +178,9 @@ public class SendMessage extends DestinationFacade implements Controller { for (Iterator iter = map.entrySet().iterator(); iter.hasNext();) { Map.Entry entry = (Map.Entry) iter.next(); String name = (String) entry.getKey(); + if (name.equals("secret")) { + continue; + } Object value = entry.getValue(); if (isValidPropertyName(name)) { if (value instanceof String[]) { diff --git a/activemq-web-console/src/main/webapp/browse.jsp b/activemq-web-console/src/main/webapp/browse.jsp index 6e7c4ec05c..1630e8488a 100644 --- a/activemq-web-console/src/main/webapp/browse.jsp +++ b/activemq-web-console/src/main/webapp/browse.jsp @@ -41,13 +41,13 @@ " title="${row.properties}">${row.JMSMessageID} -${row.JMSCorrelationID} + -${row.JMSPriority} -${row.JMSRedelivered} -${row.JMSReplyTo} + + + -${row.JMSType} + &messageId=${row.JMSMessageID}&secret=">Delete diff --git a/activemq-web-console/src/main/webapp/connection.jsp b/activemq-web-console/src/main/webapp/connection.jsp index 8555e42f0a..ff54902009 100644 --- a/activemq-web-console/src/main/webapp/connection.jsp +++ b/activemq-web-console/src/main/webapp/connection.jsp @@ -17,7 +17,7 @@ -Connection ${requestContext.connectionQuery.connectionID} +Connection <c:out value="${requestContext.connectionQuery.connectionID}" /> @@ -26,40 +26,40 @@
-No connection could be found for ID ${requestContext.connectionQuery.connectionID} +No connection could be found for ID
-

Connection ${requestContext.connectionQuery.connectionID}

+

Connection

- + - + - + - + - + - + @@ -96,29 +96,29 @@ No connection could be found for ID ${requestContext.connectionQuery.connectionI - Queue ${consumer.destinationName} + Queue - Topic ${consumer.destinationName} + Topic - ${consumer.destinationName} + - ${consumer.sessionId} - ${consumer.selector} - ${consumer.enqueueCounter} - ${consumer.dequeueCounter} - ${consumer.dispachedCounter} - ${consumer.dispatchedQueueSize} + + + + + + - ${consumer.prefetchSize}
- ${consumer.maximumPendingMessageLimit} +
+ - ${consumer.exclusive}
- ${consumer.retroactive} +
+ diff --git a/activemq-web-console/src/main/webapp/message.jsp b/activemq-web-console/src/main/webapp/message.jsp index b5db6aec1a..25143a1f10 100644 --- a/activemq-web-console/src/main/webapp/message.jsp +++ b/activemq-web-console/src/main/webapp/message.jsp @@ -17,7 +17,7 @@ -Message ${requestContext.messageQuery.id} +Message <c:out value="${requestContext.messageQuery.id}"/> @@ -26,7 +26,7 @@
-No message could be found for ID ${requestContext.messageQuery.id} +No message could be found for ID
@@ -47,7 +47,7 @@ No message could be found for ID ${requestContext.messageQuery.id} Message ID - ${row.JMSMessageID} + Destination @@ -55,19 +55,19 @@ No message could be found for ID ${requestContext.messageQuery.id} Correlation ID - ${row.JMSCorrelationID} + Group - ${row.groupID} + Sequence - ${row.groupSequence} + Expiration - ${row.JMSExpiration} + Persistence @@ -75,15 +75,15 @@ No message could be found for ID ${requestContext.messageQuery.id} Priority - ${row.JMSPriority} + Redelivered - ${row.JMSRedelivered} + Reply To - ${row.JMSReplyTo} + Timestamp @@ -91,7 +91,7 @@ No message could be found for ID ${requestContext.messageQuery.id} Type - ${row.JMSType} + @@ -109,8 +109,8 @@ No message could be found for ID ${requestContext.messageQuery.id} - ${prop.key} - ${prop.value} + +