CVS 2002/css-validator/org/w3c/css/util

Update of /sources/public/2002/css-validator/org/w3c/css/util
In directory roscoe:/var/tmp/cvs-serv20565/org/w3c/css/util

Modified Files:
	HTTPURL.java 
Log Message:
restict ports a little more for the privileged ones

--- /sources/public/2002/css-validator/org/w3c/css/util/HTTPURL.java	2013/02/11 15:01:51	1.29
+++ /sources/public/2002/css-validator/org/w3c/css/util/HTTPURL.java	2015/06/23 05:48:34	1.30
@@ -4,7 +4,7 @@
  *  http://www.w3.org/Consortium/Legal/
  *
  * HTTPURL.java
- * $Id: HTTPURL.java,v 1.29 2013/02/11 15:01:51 ylafon Exp $
+ * $Id: HTTPURL.java,v 1.30 2015/06/23 05:48:34 ylafon Exp $
  */
 package org.w3c.css.util;
 
@@ -31,7 +31,7 @@
 
 /**
  * @author Philippe Le Hegaret
- * @version $Revision: 1.29 $
+ * @version $Revision: 1.30 $
  */
 public class HTTPURL {
 
@@ -210,6 +210,12 @@
 						+ url);
 				throw new FileNotFoundException("import " + url +
 						": Operation not permitted");
+			}
+			if (url.getPort() >= 0 && url.getPort() != 80 && url.getPort() != 443 && url.getPort() <= 1024) {
+				System.err.println("[WARNING] : someone is trying to access a forbidden port: "
+						+ url);
+				throw new FileNotFoundException("import " + url +
+						": Operation not permitted");
 			}
 		}
 

Received on Tuesday, 23 June 2015 05:48:38 UTC