- From: CVS User ylafon <cvsmail@w3.org>
- Date: Tue, 23 Jun 2015 05:48:34 +0000
- To: www-validator-cvs@w3.org
Update of /sources/public/2002/css-validator/org/w3c/css/util In directory roscoe:/var/tmp/cvs-serv20565/org/w3c/css/util Modified Files: HTTPURL.java Log Message: restict ports a little more for the privileged ones --- /sources/public/2002/css-validator/org/w3c/css/util/HTTPURL.java 2013/02/11 15:01:51 1.29 +++ /sources/public/2002/css-validator/org/w3c/css/util/HTTPURL.java 2015/06/23 05:48:34 1.30 @@ -4,7 +4,7 @@ * http://www.w3.org/Consortium/Legal/ * * HTTPURL.java - * $Id: HTTPURL.java,v 1.29 2013/02/11 15:01:51 ylafon Exp $ + * $Id: HTTPURL.java,v 1.30 2015/06/23 05:48:34 ylafon Exp $ */ package org.w3c.css.util; @@ -31,7 +31,7 @@ /** * @author Philippe Le Hegaret - * @version $Revision: 1.29 $ + * @version $Revision: 1.30 $ */ public class HTTPURL { @@ -210,6 +210,12 @@ + url); throw new FileNotFoundException("import " + url + ": Operation not permitted"); + } + if (url.getPort() >= 0 && url.getPort() != 80 && url.getPort() != 443 && url.getPort() <= 1024) { + System.err.println("[WARNING] : someone is trying to access a forbidden port: " + + url); + throw new FileNotFoundException("import " + url + + ": Operation not permitted"); } }
Received on Tuesday, 23 June 2015 05:48:38 UTC