diff options
| author | Micael Karlberg <[email protected]> | 2011-11-09 18:22:49 +0100 |
|---|---|---|
| committer | Micael Karlberg <[email protected]> | 2011-11-09 18:22:49 +0100 |
| commit | a7b67af7d2db9a442bd28952cca3fc61e5f0f227 (patch) | |
| tree | 93c878e712e9309469e8f1c2de80548e21f1143b /lib/inets/src/http_server/httpd_file.erl | |
| parent | f561a98a9b89738467b52ab5213562de753f6ad2 (diff) | |
| parent | 53b434e40047fc4e085f57412b4e2227faddf23b (diff) | |
| download | otp-a7b67af7d2db9a442bd28952cca3fc61e5f0f227.tar.gz otp-a7b67af7d2db9a442bd28952cca3fc61e5f0f227.tar.bz2 otp-a7b67af7d2db9a442bd28952cca3fc61e5f0f227.zip | |
[httpd] XSS prevention did not work for hex-encoded URL's.
OTP-9655
Merge branch 'bmk/inets/httpd/xss_when_erl_encoded/r14/OTP-9655' into bmk/inets/inets572_integration
Diffstat (limited to 'lib/inets/src/http_server/httpd_file.erl')
| -rw-r--r-- | lib/inets/src/http_server/httpd_file.erl | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/inets/src/http_server/httpd_file.erl b/lib/inets/src/http_server/httpd_file.erl index e8a8ab6411..f2ba33099e 100644 --- a/lib/inets/src/http_server/httpd_file.erl +++ b/lib/inets/src/http_server/httpd_file.erl @@ -36,9 +36,9 @@ handle_error(emfile, Op, _ModData, Path) -> handle_error(500, Op, none, Path, ": Too many open files"); handle_error({enfile,_}, Op, _ModData, Path) -> handle_error(500, Op, none, Path, ": File table overflow"); -handle_error(_Reason, Op, ModData, Path) -> - handle_error(404, Op, ModData, Path, ": File not found"). - +handle_error(_Reason, Op, _ModData, Path) -> + handle_error(500, Op, none, Path, ""). + handle_error(StatusCode, Op, none, Path, Reason) -> {StatusCode, none, ?NICE("Can't " ++ Op ++ " " ++ Path ++ Reason)}; handle_error(StatusCode, Op, ModData, Path, Reason) -> |