Started work on Post page, finally making ButtonPresents vulnerable to XSS
This commit is contained in:
parent
bab80b2a74
commit
d25a0536ba
2 changed files with 48 additions and 0 deletions
|
@ -16,6 +16,7 @@ import buttondevteam.presents.hello.effects.HelloParticle;
|
||||||
import buttondevteam.presents.hello.effects.HelloSound;
|
import buttondevteam.presents.hello.effects.HelloSound;
|
||||||
import buttondevteam.presents.hello.pages.HelloDataPage;
|
import buttondevteam.presents.hello.pages.HelloDataPage;
|
||||||
import buttondevteam.presents.hello.pages.HelloLocationPage;
|
import buttondevteam.presents.hello.pages.HelloLocationPage;
|
||||||
|
import buttondevteam.presents.hello.pages.HelloPOSTPage;
|
||||||
import buttondevteam.presents.hello.pages.HelloPlayersPage;
|
import buttondevteam.presents.hello.pages.HelloPlayersPage;
|
||||||
import buttondevteam.presents.hello.pages.HelloWorldPage;
|
import buttondevteam.presents.hello.pages.HelloWorldPage;
|
||||||
|
|
||||||
|
@ -39,5 +40,6 @@ public class HelloComponent extends Component{
|
||||||
this.addPage(plugin, new HelloDataPage());
|
this.addPage(plugin, new HelloDataPage());
|
||||||
this.addPage(plugin, new HelloPlayersPage(plugin));
|
this.addPage(plugin, new HelloPlayersPage(plugin));
|
||||||
this.addPage(plugin, new HelloLocationPage(plugin));
|
this.addPage(plugin, new HelloLocationPage(plugin));
|
||||||
|
this.addPage(plugin, new HelloPOSTPage(plugin));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,46 @@
|
||||||
|
package buttondevteam.presents.hello.pages;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
import org.bukkit.plugin.java.JavaPlugin;
|
||||||
|
|
||||||
|
import com.sun.net.httpserver.HttpExchange;
|
||||||
|
|
||||||
|
import buttondevteam.website.io.Response;
|
||||||
|
import buttondevteam.website.page.Page;
|
||||||
|
|
||||||
|
public class HelloPOSTPage extends Page {
|
||||||
|
JavaPlugin plugin;
|
||||||
|
String saveFilePath = "hello.pages.hellopostpage.saved";
|
||||||
|
public HelloPOSTPage(JavaPlugin plugin) {
|
||||||
|
this.plugin = plugin;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String GetName() {
|
||||||
|
return "ali/hello/post";
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Response handlePage(HttpExchange exchange) {
|
||||||
|
String responseString = "";
|
||||||
|
if(exchange.getRequestMethod() == "post"){
|
||||||
|
int c;
|
||||||
|
try {
|
||||||
|
while((c = exchange.getRequestBody().read()) != -1){
|
||||||
|
responseString += (char) c;
|
||||||
|
}
|
||||||
|
} catch (IOException e) {
|
||||||
|
responseString += "Error! Reading message failed";
|
||||||
|
return new Response(200, responseString, exchange);
|
||||||
|
|
||||||
|
}
|
||||||
|
plugin.getConfig().set(saveFilePath, responseString);
|
||||||
|
plugin.saveConfig();
|
||||||
|
}else{
|
||||||
|
responseString += plugin.getConfig().getString(saveFilePath);
|
||||||
|
}
|
||||||
|
return new Response(200, responseString, exchange);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in a new issue