| At line 5 changed one line |
| |[Bug criticality]|MediumBug |
| |[Bug criticality]|[JSPWiki:MediumBug] |
| At line 7 changed one line |
| |[Bug status]|NewBug |
| |[Bug status]|ClosedBug |
| At line 14 changed one line |
| Um, try to create a page named 'CON' on a windows server indicates that the page already exists, and no edits are saved against it. I think it's getting confused with the device 'con'sole... probably? |
| Um, try to create a page named '[CON]' on a windows server indicates that the page already exists, and no edits are saved against it. I think it's getting confused with the device 'con'sole... probably? |
| At line 16 changed one line |
| Come to think of it, I'm curious what 'nul' would do... So okay, NUL, LPT1 all return a blank page, and... COM1 seems to hang the server waiting to do a ready from the serial device! |
| Come to think of it, I'm curious what 'nul' would do... So okay, NUL, LPT1 all return a blank page, and... COM1 seems to hang the server waiting to do a read from the serial device! |
| At line 19 added 35 lines |
| {{{ |
| 2005-02-21 15:12:53,324 [Thread-5] ERROR com.ecyrd.jspwiki.providers.AbstractFileProvider |
| ResearchWiki:CON - Failed to read |
| java.io.FileNotFoundException: D:\WikiHome\wikis\ResearchWiki\data\pages\CON.txt |
| (The system cannot find the file specified) at |
| java.io.FileInputStream.open(Native Method) at |
| java.io.FileInputStream.<init>(FileInputStream.java:103) at |
| com.ecyrd.jspwiki.providers.AbstractFileProvider.getPageText(AbstractFileProvider.java:169) at |
| com.ecyrd.jspwiki.providers.AbstractFileProvider.getPageText(AbstractFileProvider.java:150) at |
| com.ecyrd.jspwiki.providers.VersioningFileProvider.getPageText(VersioningFileProvider.java:217) at |
| com.ecyrd.jspwiki.providers.CachingProvider.getTextFromCache(CachingProvider.java:556) at |
| com.ecyrd.jspwiki.providers.CachingProvider.getPageText(CachingProvider.java:412) at |
| com.ecyrd.jspwiki.PageManager.getPageText(PageManager.java:171) at |
| ... |
| }}} |
|
| I wonder if this has any security implications? Any comments from people who use windows? |
|
| -- JanneJalkanen |
|
| I confirm this bug. There is some info at [forum.java.sun.com|http://forum.java.sun.com/thread.jspa?threadID=544334&messageID=2644480]. |
| As solution to this, we could create a filter, which checks the name of a wikipage. Similar to the |
| ProfanityFilter, which checks the content of an edited wiki page. |
| Windows users, could activate this filter. |
| Is there already such a filter? |
|
| -- StephanSchiessling |
|
| OK. So, apparently adding ".txt" to the file name is not enough... I'll add a patch to FileSystemProvider.mangleName() to rewrite certain page names (and BasicAttachmentProvider as well). |
|
| -- JanneJalkanen |
|
| Added a fix for 2.2.19 (all offending page names are prepended with "$$$" on Windows), though it's untested (I don't have a Windows machine; please someone check this!) |
|
| -- JanneJalkanen |
