diff options
author | Erlang/OTP <[email protected]> | 2011-09-15 09:54:39 +0200 |
---|---|---|
committer | Erlang/OTP <[email protected]> | 2011-09-15 09:54:39 +0200 |
commit | 801ec3847e330b7d67b1e4ae700211380da0d6bd (patch) | |
tree | 8861e1e85f352d828cf31f0690feaae63c0088bd /lib/inets/src/http_server/mod_dir.erl | |
parent | 50261525973798faf7f62ea02356447b16e5fc56 (diff) | |
parent | 98fd9df4c4a04554fd2f707ca9ea2d674fad984d (diff) | |
download | otp-801ec3847e330b7d67b1e4ae700211380da0d6bd.tar.gz otp-801ec3847e330b7d67b1e4ae700211380da0d6bd.tar.bz2 otp-801ec3847e330b7d67b1e4ae700211380da0d6bd.zip |
Merge branch 'bmk/inets/httpd/cross_site_scripting_attacks/OTP-9535' into maint-r13
* bmk/inets/httpd/cross_site_scripting_attacks/OTP-9535:
Updated http-server to make sure URLs in error-messages are URL-encoded. Added support in http-client to use URL-encoding. Also added the missing include directory for the inets application.
Diffstat (limited to 'lib/inets/src/http_server/mod_dir.erl')
-rw-r--r-- | lib/inets/src/http_server/mod_dir.erl | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/inets/src/http_server/mod_dir.erl b/lib/inets/src/http_server/mod_dir.erl index cdc7cc01e4..35e9de24e2 100644 --- a/lib/inets/src/http_server/mod_dir.erl +++ b/lib/inets/src/http_server/mod_dir.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 1997-2009. All Rights Reserved. +%% Copyright Ericsson AB 1997-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -18,9 +18,11 @@ %% %% -module(mod_dir). + -export([do/1]). -include("httpd.hrl"). +-include("httpd_internal.hrl"). %% do @@ -57,7 +59,7 @@ do_dir(Info) -> case file:read_file_info(DefaultPath) of {ok,FileInfo} when FileInfo#file_info.type == directory -> DecodedRequestURI = - httpd_util:decode_hex(Info#mod.request_uri), + http_uri:decode(Info#mod.request_uri), ?DEBUG("do_dir -> ~n" " Path: ~p~n" " DefaultPath: ~p~n" |