private void printLogFilesList(HttpServletResponse response, File loggingDirectory) throws IOException { SimpleDateFormat dateFormat = new SimpleDateFormat(MM_DD_YYYY_HH_MM_SS); StringBuilder fileLinks = new StringBuilder(HTML_START); fileLinks.append(FONT_ARIAL_OPEN); fileLinks.append(TABLE_OPEN); fileLinks.append(TR_TD_B_LOG_FILES_B_TD_TD_B_LAST_MODIFIED_B_TD_TR); for (File loggingFile : loggingDirectory.listFiles()) { String fileName = XSSUtils.stripXSS(loggingFile.getName()); String lastModified = XSSUtils.stripXSS(dateFormat.format(loggingFile.lastModified())); String a = A_HREF + LOGGING_FILE_LOCATION + fileName + A_HREF_CLOSE + fileName + A_HREF_END; fileLinks.append(TR_TD + a + TD_TD + lastModified + TD_TR); } fileLinks.append(TABLE_CLOSE); fileLinks.append(FONT_CLOSE); fileLinks.append(HTML_END); PrintWriter writer = response.getWriter(); writer.println(fileLinks.toString()); writer.flush(); writer.close(); }
@Override public void addAttribute(String key, String nsPrefix, String nsURI, String value, String type) throws Exception { if (discarding != 0) return; if (XSSUtils.isBadAttribute(key) || XSSUtils.isBadAttributeValue(key, value)) { logger.warn("(XSS) discarding invalid attribute: " + key + ": " + value); return; } super.addAttribute(key, nsPrefix, nsURI, value, type); }
private void printLogFile(HttpServletResponse response, File[] loggingFiles, String logFile) throws FileNotFoundException, IOException { response.setContentType(CONTENT_TYPE_TEXT_HTML); PrintWriter writer = response.getWriter(); boolean found = false; for (File loggingFile : loggingFiles) { if (loggingFile.getName().equalsIgnoreCase(logFile)) { BufferedReader reader = new BufferedReader(new FileReader(loggingFile)); String line; writer.print(HTML_START); writer.print(FONT_ARIAL_OPEN); printBeforeLogFile(writer); while ((line = reader.readLine()) != null) { writer.print(BR); writer.println(SMALL + XSSUtils.stripXSS(line) + SMALL_CLOSE); } printAfterLogFile(writer); writer.print(FONT_CLOSE); writer.print(HTML_END); writer.flush(); reader.close(); found = true; break; } } if (!found) { writer.println(String.format(LOG_FILE_S_DOSN_T_EXIST, logFile)); writer.flush(); } writer.close(); }
@Override public void startElement(String name, String nsPrefix, String nsURI, String systemID, int lineNr) throws Exception { if (discarding == 0 && XSSUtils.isBadTag(name)) { discarding = 1; logger.warn("(XSS) discarding invalid tag: " + name); return; } if (discarding != 0) { ++discarding; return; } super.startElement(name, nsPrefix, nsURI, systemID, lineNr); }