Changeset 10587 in josm for trunk


Ignore:
Timestamp:
2016-07-22T22:52:14+02:00 (4 years ago)
Author:
Don-vip
Message:

fix #13187 - Set encoding of remote control error pages to UTF-8 and HTML-escape the localized messages (patch by floscher)

Location:
trunk/src/org/openstreetmap/josm/io/remotecontrol
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/org/openstreetmap/josm/io/remotecontrol/RequestProcessor.java

    r10208 r10587  
    1212import java.io.Writer;
    1313import java.net.Socket;
     14import java.nio.charset.Charset;
    1415import java.nio.charset.StandardCharsets;
    1516import java.util.Arrays;
    1617import java.util.Date;
    1718import java.util.HashMap;
     19import java.util.Locale;
    1820import java.util.Map;
    1921import java.util.Map.Entry;
     
    4547 */
    4648public class RequestProcessor extends Thread {
     49
     50    private static final Charset RESPONSE_CHARSET = StandardCharsets.UTF_8;
     51    private static final String RESPONSE_TEMPLATE = "<!DOCTYPE html><html><head><meta charset=\""
     52            + RESPONSE_CHARSET.name()
     53            + "\">%s</head><body>%s</body></html>";
     54
    4755    /**
    4856     * RemoteControl protocol version. Change minor number for compatible
     
    145153        try {
    146154            OutputStream raw = new BufferedOutputStream(request.getOutputStream());
    147             out = new OutputStreamWriter(raw, StandardCharsets.UTF_8);
     155            out = new OutputStreamWriter(raw, RESPONSE_CHARSET);
    148156            BufferedReader in = new BufferedReader(new InputStreamReader(request.getInputStream(), "ASCII"));
    149157
     
    269277    private static void sendError(Writer out) throws IOException {
    270278        sendHeader(out, "500 Internal Server Error", "text/html", true);
    271         out.write("<HTML>\r\n");
    272         out.write("<HEAD><TITLE>Internal Error</TITLE>\r\n");
    273         out.write("</HEAD>\r\n");
    274         out.write("<BODY>");
    275         out.write("<H1>HTTP Error 500: Internal Server Error</H1>\r\n");
    276         out.write("</BODY></HTML>\r\n");
     279        out.write(String.format(
     280                RESPONSE_TEMPLATE,
     281                "<title>Internal Error</title>",
     282                "<h1>HTTP Error 500: Internal Server Error</h1>"
     283        ));
    277284        out.flush();
    278285    }
     
    288295    private static void sendNotImplemented(Writer out) throws IOException {
    289296        sendHeader(out, "501 Not Implemented", "text/html", true);
    290         out.write("<HTML>\r\n");
    291         out.write("<HEAD><TITLE>Not Implemented</TITLE>\r\n");
    292         out.write("</HEAD>\r\n");
    293         out.write("<BODY>");
    294         out.write("<H1>HTTP Error 501: Not Implemented</h2>\r\n");
    295         out.write("</BODY></HTML>\r\n");
     297        out.write(String.format(
     298                RESPONSE_TEMPLATE,
     299                "<title>Not Implemented</title>",
     300                "<h1>HTTP Error 501: Not Implemented</h1>"
     301        ));
    296302        out.flush();
    297303    }
     
    309315    private static void sendForbidden(Writer out, String help) throws IOException {
    310316        sendHeader(out, "403 Forbidden", "text/html", true);
    311         out.write("<HTML>\r\n");
    312         out.write("<HEAD><TITLE>Forbidden</TITLE>\r\n");
    313         out.write("</HEAD>\r\n");
    314         out.write("<BODY>");
    315         out.write("<H1>HTTP Error 403: Forbidden</h2>\r\n");
    316         if (help != null) {
    317             out.write(help);
    318         }
    319         out.write("</BODY></HTML>\r\n");
     317        out.write(String.format(
     318                RESPONSE_TEMPLATE,
     319                "<title>Forbidden</title>",
     320                "<h1>HTTP Error 403: Forbidden</h1>" +
     321                (help == null ? "" : "<p>"+Utils.escapeReservedCharactersHTML(help) + "</p>")
     322        ));
    320323        out.flush();
    321324    }
    322325
    323326    /**
    324      * Sends a 403 error: forbidden
     327     * Sends a 400 error: bad request
    325328     *
    326329     * @param out
     
    333336    private static void sendBadRequest(Writer out, String help) throws IOException {
    334337        sendHeader(out, "400 Bad Request", "text/html", true);
    335         out.write("<HTML>\r\n");
    336         out.write("<HEAD><TITLE>Bad Request</TITLE>\r\n");
    337         out.write("</HEAD>\r\n");
    338         out.write("<BODY>");
    339         out.write("<H1>HTTP Error 400: Bad Request</h2>\r\n");
    340         if (help != null) {
    341             out.write(help);
    342         }
    343         out.write("</BODY></HTML>\r\n");
     338        out.write(String.format(
     339                RESPONSE_TEMPLATE,
     340                "<title>Bad Request</title>",
     341                "<h1>HTTP Error 400: Bad Request</h1>" +
     342                (help == null ? "" : ("<p>" + Utils.escapeReservedCharactersHTML(help) + "</p>"))
     343        ));
    344344        out.flush();
    345345    }
     
    362362            boolean endHeaders) throws IOException {
    363363        out.write("HTTP/1.1 " + status + "\r\n");
    364         Date now = new Date();
    365         out.write("Date: " + now + "\r\n");
     364        out.write("Date: " + new Date() + "\r\n");
    366365        out.write("Server: JOSM RemoteControl\r\n");
    367         out.write("Content-type: " + contentType + "\r\n");
     366        out.write("Content-type: " + contentType + "; charset=" + RESPONSE_CHARSET.name().toLowerCase(Locale.ENGLISH) + "\r\n");
    368367        out.write("Access-Control-Allow-Origin: *\r\n");
    369368        if (endHeaders)
  • trunk/src/org/openstreetmap/josm/io/remotecontrol/handler/RequestHandler.java

    r9732 r10587  
    247247        if (error) {
    248248            throw new RequestHandlerBadRequestException(
    249                     "The following keys are mandatory, but have not been provided: "
    250                     + Utils.join(", ", missingKeys));
     249                    tr("The following keys are mandatory, but have not been provided: {0}",
     250                            Utils.join(", ", missingKeys)));
    251251        }
    252252    }
Note: See TracChangeset for help on using the changeset viewer.