Shift string safely into Log class, finish hack substitution string

2021-12-24 00:08:52 -06:00 · 2021-12-24 00:08:52 -06:00 · bd4a34e2ae
parent 9e602f50d6
commit bd4a34e2ae
18 changed files with 59 additions and 10 deletions
--- a/DynmapCore/src/main/java/org/dynmap/JsonFileClientUpdateComponent.java
+++ b/DynmapCore/src/main/java/org/dynmap/JsonFileClientUpdateComponent.java
@ -49,8 +49,6 @@ public class JsonFileClientUpdateComponent extends ClientUpdateComponent {
    private MapStorage storage;
    private File baseStandaloneDir;
    private String safeString(String s) { return s.replaceAll("\\$", "_"); }
    private static class FileToWrite {
        String filename;
        byte[] content;
@ -422,17 +420,17 @@ public class JsonFileClientUpdateComponent extends ClientUpdateComponent {
 							isip = false;
 							if(checkuserban) {
 								if(core.getServer().isPlayerBanned(name)) {
-									Log.info("Ignore message from '" + ip + "' - banned player (" + safeString(name) + ")");
+									Log.info("Ignore message from '" + ip + "' - banned player (" + name + ")");
 									ok = false;
 								}
 							}
 							if(chat_perms && !core.getServer().checkPlayerPermission(name, "webchat")) {
-								Log.info("Rejected web chat from " + ip + ": not permitted (" + safeString(name) + ")");
+								Log.info("Rejected web chat from " + ip + ": not permitted (" + name + ")");
 								ok = false;
 							}
 						}
 						else if(requireplayerloginip) {
-							Log.info("Ignore message from '" + safeString(name) + "' - no matching player login recorded");
+							Log.info("Ignore message from '" + name + "' - no matching player login recorded");
 							ok = false;
 						}
 					}
--- a/DynmapCore/src/main/java/org/dynmap/Log.java
+++ b/DynmapCore/src/main/java/org/dynmap/Log.java
@ -10,6 +10,9 @@ public class Log {
    private static String prefix = "";
    private static DynmapLogger dlog = null;
    public static boolean verbose = false;
    public static String safeString(String s) { return s.replaceAll("[\\${}]", "_"); }
    public static void setLogger(Logger logger, String pre) {
        log = logger;
        if((pre != null) && (pre.length() > 0))
@ -24,6 +27,7 @@ public class Log {
        log.setParent(parent);
    }
    public static void info(String msg) {
    	msg = safeString(msg);
        if (dlog != null) {
            dlog.info(msg);
        }
@ -33,6 +37,7 @@ public class Log {
    }
    public static void verboseinfo(String msg) {
        if(verbose) {
        	msg = safeString(msg);
            if (dlog != null) {
                dlog.info(msg);
            }
@ -50,6 +55,7 @@ public class Log {
        }
    }
    public static void severe(String msg) {
    	msg = safeString(msg);
        if (dlog != null) {
            dlog.severe(msg);
        }
@ -58,6 +64,7 @@ public class Log {
        }
    }
    public static void severe(String msg, Throwable e) {
    	msg = safeString(msg);
        if (dlog != null) {
            dlog.severe(msg, e);
        }
@ -66,6 +73,7 @@ public class Log {
        }
    }
    public static void warning(String msg) {
    	msg = safeString(msg);
        if (dlog != null) {
            dlog.warning(msg);
        }
@ -74,6 +82,7 @@ public class Log {
        }
    }
    public static void warning(String msg, Throwable e) {
    	msg = safeString(msg);
        if (dlog != null) {
            dlog.warning(msg, e);
        }
--- a/DynmapCore/src/main/java/org/dynmap/SimpleWebChatComponent.java
+++ b/DynmapCore/src/main/java/org/dynmap/SimpleWebChatComponent.java
@ -45,6 +45,7 @@ public class SimpleWebChatComponent extends Component {
                @Override
                public void chatEvent(DynmapPlayer p, String msg) {
                    if(core.disable_chat_to_web) return;
                    msg = core.scanAndReplaceLog4JMacro(msg);
                    if(core.mapManager != null)
                        core.mapManager.pushUpdate(new Client.ChatMessage("player", "", p.getDisplayName(), msg, p.getName()));
                }
--- a/DynmapCore/src/main/java/org/dynmap/servlet/SendMessageServlet.java
+++ b/DynmapCore/src/main/java/org/dynmap/servlet/SendMessageServlet.java
@ -52,7 +52,6 @@ public class SendMessageServlet extends HttpServlet {
    public DynmapCore core;
    public HashSet<String> proxyaddress = new HashSet<String>();
    private String safeString(String s) { return s.replaceAll("\\$", "_"); }
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        byte[] bytes;
@ -66,7 +65,7 @@ public class SendMessageServlet extends HttpServlet {
        }
        else if(chat_requires_login && (!userID.equals(LoginServlet.USERID_GUEST)) && chat_perms && 
                (!core.checkPermission(userID, "webchat"))) {
-            Log.info("Rejected web chat by " + safeString(userID) + ": not permitted");
+            Log.info("Rejected web chat by " + userID + ": not permitted");
            error = "not-permitted";
        }
        else {
@ -119,20 +118,20 @@ public class SendMessageServlet extends HttpServlet {
                        String id = ids.get(0);
                        if (check_user_ban) {
                            if (core.getServer().isPlayerBanned(id)) {
-                                Log.info("Ignore message from '" + safeString(message.name) + "' - banned player (" + id + ")");
+                                Log.info("Ignore message from '" + message.name + "' - banned player (" + id + ")");
                                error = "not-allowed";
                                ok = false;
                            }
                        }
                        if (chat_perms && !core.getServer().checkPlayerPermission(id, "webchat")) {
-                            Log.info("Rejected web chat from '" + safeString(message.name) + "': not permitted (" + id + ")");
+                            Log.info("Rejected web chat from '" + message.name + "': not permitted (" + id + ")");
                            error = "not-allowed";
                            ok = false;
                        }
                        message.name = id;
                        isip = false;
                    } else if (require_player_login_ip) {
-                        Log.info("Ignore message from '" + safeString(message.name) + "' - no matching player login recorded");
+                        Log.info("Ignore message from '" + message.name + "' - no matching player login recorded");
                        error = "not-allowed";
                        ok = false;
                    }
--- a/fabric-1.14.4/src/main/resources/configuration.txt
+++ b/fabric-1.14.4/src/main/resources/configuration.txt
@ -459,3 +459,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/fabric-1.15.2/src/main/resources/configuration.txt
+++ b/fabric-1.15.2/src/main/resources/configuration.txt
@ -459,3 +459,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/fabric-1.16.4/src/main/resources/configuration.txt
+++ b/fabric-1.16.4/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/fabric-1.17.1/src/main/resources/configuration.txt
+++ b/fabric-1.17.1/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/fabric-1.18/src/main/resources/configuration.txt
+++ b/fabric-1.18/src/main/resources/configuration.txt
@ -465,3 +465,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/forge-1.11.2/src/main/resources/configuration.txt
+++ b/forge-1.11.2/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/forge-1.12.2/src/main/resources/configuration.txt
+++ b/forge-1.12.2/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/forge-1.13.2/src/main/resources/configuration.txt
+++ b/forge-1.13.2/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/forge-1.14.4/src/main/resources/configuration.txt
+++ b/forge-1.14.4/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/forge-1.15.2/src/main/resources/configuration.txt
+++ b/forge-1.15.2/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/forge-1.16.5/src/main/resources/configuration.txt
+++ b/forge-1.16.5/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/forge-1.17.1/src/main/resources/configuration.txt
+++ b/forge-1.17.1/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/forge-1.18/src/main/resources/configuration.txt
+++ b/forge-1.18/src/main/resources/configuration.txt
@ -467,3 +467,6 @@ verbose: false
 #  - class: org.dynmap.debug.LogDebugger
 # Debug: dump blocks missing render data
 dump-missing-blocks: false
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"
--- a/spigot/src/main/resources/configuration.txt
+++ b/spigot/src/main/resources/configuration.txt
@ -501,3 +501,6 @@ dump-missing-blocks: false
 # your worlds before running with this setting enabled (set to true)
 #
 #migrate-chunks: true
 # Log4J defense: string substituted for attempts to use macros in web chat
 hackAttemptBlurb: "(IaM5uchA1337Haxr-Ban Me!)"