Started work on Post page, finally making ButtonPresents vulnerable to XSS

alisolarflare 2017-06-15 01:10:06 -06:00
parent bab80b2a74
commit d25a0536ba
2 changed files with 48 additions and 0 deletions


@ -16,6 +16,7 @@ import buttondevteam.presents.hello.effects.HelloParticle;
import buttondevteam.presents.hello.effects.HelloSound;
import buttondevteam.presents.hello.pages.HelloDataPage;
import buttondevteam.presents.hello.pages.HelloLocationPage;
import buttondevteam.presents.hello.pages.HelloPOSTPage;
import buttondevteam.presents.hello.pages.HelloPlayersPage;
import buttondevteam.presents.hello.pages.HelloWorldPage;
@ -39,5 +40,6 @@ public class HelloComponent extends Component{
this.addPage(plugin, new HelloDataPage());
this.addPage(plugin, new HelloPlayersPage(plugin));
this.addPage(plugin, new HelloLocationPage(plugin));
this.addPage(plugin, new HelloPOSTPage(plugin));
}
}


@ -0,0 +1,46 @@
package buttondevteam.presents.hello.pages;
import java.io.IOException;
import org.bukkit.plugin.java.JavaPlugin;
import com.sun.net.httpserver.HttpExchange;
import buttondevteam.website.io.Response;
import buttondevteam.website.page.Page;
public class HelloPOSTPage extends Page {
JavaPlugin plugin;
String saveFilePath = "hello.pages.hellopostpage.saved";
public HelloPOSTPage(JavaPlugin plugin) {
this.plugin = plugin;
}
@Override
public String GetName() {
return "ali/hello/post";
}
@Override
public Response handlePage(HttpExchange exchange) {
String responseString = "";
if(exchange.getRequestMethod() == "post"){
int c;
try {
while((c = exchange.getRequestBody().read()) != -1){
responseString += (char) c;
}
} catch (IOException e) {
responseString += "Error! Reading message failed";
return new Response(200, responseString, exchange);
}
plugin.getConfig().set(saveFilePath, responseString);
plugin.saveConfig();
}else{
responseString += plugin.getConfig().getString(saveFilePath);
}
return new Response(200, responseString, exchange);
}
}
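Review bot: handlePage stores the raw request body in the plugin config and writes it back unescaped to every later visitor, which is the stored XSS the commit title mentions; the text should be HTML-encoded before it is returned (or served as plain text, if Response supports that, which is not visible here). The method test `exchange.getRequestMethod() == "post"` compares references and uses lower case, so the save branch is unlikely ever to run; it should be `"POST".equalsIgnoreCase(exchange.getRequestMethod())`. The body is read one byte at a time with no size limit and each byte is cast to a char, which mangles multi-byte UTF-8 and lets a single request grow the config without bound. The read-failure path also answers 200, and `getString` can return null on first use, which the concatenation turns into the literal text "null". Whether this page sits behind any authentication is not visible in the hunk; if it does not, any visitor can overwrite the saved text.

```java
private static final int MAX_BODY_BYTES = 4096; // constructed limit, tune to the intended use

@Override
public Response handlePage(HttpExchange exchange) {
    // Compare the method by value; the request-line token is normally upper-case.
    if ("POST".equalsIgnoreCase(exchange.getRequestMethod())) {
        // One spare byte so an over-long body can be detected without reading it all.
        byte[] buf = new byte[MAX_BODY_BYTES + 1];
        int len = 0;
        try (InputStream in = exchange.getRequestBody()) {
            int n;
            while (len < buf.length && (n = in.read(buf, len, buf.length - len)) != -1) {
                len += n;
            }
        } catch (IOException e) {
            return new Response(500, "Error! Reading message failed", exchange);
        }
        if (len > MAX_BODY_BYTES) {
            return new Response(413, "Message too large", exchange);
        }
        String body = new String(buf, 0, len, StandardCharsets.UTF_8);
        plugin.getConfig().set(saveFilePath, body);
        plugin.saveConfig();
        return new Response(200, escapeHtml(body), exchange);
    }
    // The stored text is visitor-supplied: encode it before it goes into the response.
    return new Response(200, escapeHtml(plugin.getConfig().getString(saveFilePath, "")), exchange);
}

// Minimal HTML text/attribute encoding for echoing stored input.
private static String escapeHtml(String s) {
    return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
            .replace("\"", "&quot;").replace("'", "&#39;");
}
```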