private void printLogFilesList(HttpServletResponse response, File loggingDirectory)
throws IOException {
SimpleDateFormat dateFormat = new SimpleDateFormat(MM_DD_YYYY_HH_MM_SS);
StringBuilder fileLinks = new StringBuilder(HTML_START);
fileLinks.append(FONT_ARIAL_OPEN);
fileLinks.append(TABLE_OPEN);
fileLinks.append(TR_TD_B_LOG_FILES_B_TD_TD_B_LAST_MODIFIED_B_TD_TR);
for (File loggingFile : loggingDirectory.listFiles()) {
String fileName = XSSUtils.stripXSS(loggingFile.getName());
String lastModified = XSSUtils.stripXSS(dateFormat.format(loggingFile.lastModified()));
String a = A_HREF + LOGGING_FILE_LOCATION + fileName + A_HREF_CLOSE + fileName + A_HREF_END;
fileLinks.append(TR_TD + a + TD_TD + lastModified + TD_TR);
}
fileLinks.append(TABLE_CLOSE);
fileLinks.append(FONT_CLOSE);
fileLinks.append(HTML_END);
PrintWriter writer = response.getWriter();
writer.println(fileLinks.toString());
writer.flush();
writer.close();
}
@Override
public void addAttribute(String key, String nsPrefix, String nsURI, String value, String type)
throws Exception {
if (discarding != 0) return;
if (XSSUtils.isBadAttribute(key) || XSSUtils.isBadAttributeValue(key, value)) {
logger.warn("(XSS) discarding invalid attribute: " + key + ": " + value);
return;
}
super.addAttribute(key, nsPrefix, nsURI, value, type);
}
private void printLogFile(HttpServletResponse response, File[] loggingFiles, String logFile)
throws FileNotFoundException, IOException {
response.setContentType(CONTENT_TYPE_TEXT_HTML);
PrintWriter writer = response.getWriter();
boolean found = false;
for (File loggingFile : loggingFiles) {
if (loggingFile.getName().equalsIgnoreCase(logFile)) {
BufferedReader reader = new BufferedReader(new FileReader(loggingFile));
String line;
writer.print(HTML_START);
writer.print(FONT_ARIAL_OPEN);
printBeforeLogFile(writer);
while ((line = reader.readLine()) != null) {
writer.print(BR);
writer.println(SMALL + XSSUtils.stripXSS(line) + SMALL_CLOSE);
}
printAfterLogFile(writer);
writer.print(FONT_CLOSE);
writer.print(HTML_END);
writer.flush();
reader.close();
found = true;
break;
}
}
if (!found) {
writer.println(String.format(LOG_FILE_S_DOSN_T_EXIST, logFile));
writer.flush();
}
writer.close();
}
@Override
public void startElement(String name, String nsPrefix, String nsURI, String systemID, int lineNr)
throws Exception {
if (discarding == 0 && XSSUtils.isBadTag(name)) {
discarding = 1;
logger.warn("(XSS) discarding invalid tag: " + name);
return;
}
if (discarding != 0) {
++discarding;
return;
}
super.startElement(name, nsPrefix, nsURI, systemID, lineNr);
}
