path: root/main/monit/CVE-2019-11454.patch
blob: bae12581a9f328ff85acd3b7f9c1ee4bbf254fed (plain)
From 328f60773057641c4b2075fab9820145e95b728c Mon Sep 17 00:00:00 2001
From: tildeslash <info@tildeslash.com>
Date: Mon, 4 Mar 2019 14:13:42 +0100
Subject: [PATCH] Fixed: HTML escape the log file content when viewed via Monit
 GUI.

---
 src/http/cervlet.c | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/http/cervlet.c b/src/http/cervlet.c
index 9e3cd9c..afba84b 100644
--- a/src/http/cervlet.c
+++ b/src/http/cervlet.c
@@ -907,7 +907,7 @@ static void do_viewlog(HttpRequest req, HttpResponse res) {
                         StringBuffer_append(res->outputbuffer, "<br><p><form><textarea cols=120 rows=30 readonly>");
                         while ((n = fread(buf, sizeof(char), sizeof(buf) - 1, f)) > 0) {
                                 buf[n] = 0;
-                                StringBuffer_append(res->outputbuffer, "%s", buf);
+                                escapeHTML(res->outputbuffer, buf);
                         }
                         fclose(f);
                         StringBuffer_append(res->outputbuffer, "</textarea></form>");
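Review bot: The new call `escapeHTML(res->outputbuffer, buf);` still treats each chunk as a C string, so a NUL byte in the log file drops the rest of that `fread` chunk and the GUI shows an incomplete log. Since the content is untrusted enough to need escaping, consider mapping NUL bytes in the first `n` bytes to a visible placeholder before the call, e.g. `for (size_t i = 0; i < n; i++) if (buf[i] == 0) buf[i] = '?';` (assuming `n` is an unsigned count; its declaration is not in the hunk). The definition of escapeHTML is also outside the hunk, so confirm it encodes at least `<` and `&`, because the output sits inside a `<textarea>` that a literal `</textarea>` in the log would close. A short comment above the call, such as `/* log content is untrusted: escape before embedding in the page */`, would record why the plain append must not return. do_viewlog starts and ends outside this hunk.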
-- 
2.10.5