8a6f5cc1616ffc47560736bd8a4b2bc1b34a2491,src/freenet/clients/http/LocalFileBrowserToadlet.java,LocalFileBrowserToadlet,renderPage,#Hashtable#String#ToadletContext#,210

Before Change


						// Select directory
						if (allowedDir(currentFile)) {
						HTMLNode cellNode = fileRow.addChild("td");
						HTMLNode formNode = ctx.addFormChild(cellNode, postTo(),
						        "insertLocalFileForm");

							createSelectDirectoryButton(formNode, currentFile.getAbsolutePath(),

After Change


	        throws ToadletContextClosedException, IOException, RedirectException {
		HTMLNode persistenceFields = renderPersistenceFields(fieldPairs);

		if (filename != null) {
			File file = new File(filename);
			if (file.isDirectory()) lastSuccessful = file.getAbsoluteFile();
			else lastSuccessful = file.getParentFile().getAbsoluteFile();

			try {
				System.out.println(postTo());
				throw new RedirectException(postTo());
			} catch (URISyntaxException e) {
				sendErrorPage(ctx, 500, NodeL10n.getBase().getString("Toadlet.internalErrorPleaseReport"),
				              e.getMessage());
			}
		}

		if (path.length() == 0) {
			if (lastSuccessful != null && lastSuccessful.isDirectory() && allowedDir(lastSuccessful)) {
				path = lastSuccessful.getAbsolutePath();
			} else {
				path = startingDir();
			}
		}

		File currentPath = new File(path).getCanonicalFile();
		//For use in error messages.
		String attemptedPath = currentPath == null ? "null" : currentPath.getAbsolutePath();

		PageMaker pageMaker = ctx.getPageMaker();

		if (currentPath != null && !allowedDir(currentPath)) {
			PageNode page = pageMaker.getPageNode(l10n("listingTitle", "path", attemptedPath), ctx);
			pageMaker.getInfobox("infobox-error",  "Forbidden", page.content, "access-denied", true).
			        addChild("#", l10n("dirAccessDenied"));

			sendErrorPage(ctx, 403, "Forbidden", l10n("dirAccessDenied"));
			return;
		}
		
		HTMLNode pageNode;

		if (currentPath != null && currentPath.exists() && currentPath.isDirectory() && currentPath.canRead()) {
			PageNode page = pageMaker.getPageNode(l10n("listingTitle", "path",
			        currentPath.getAbsolutePath()), ctx);
			pageNode = page.outer;
			HTMLNode contentNode = page.content;
			if (ctx.isAllowedFullAccess()) contentNode.addChild(core.alerts.createSummary());
			
			HTMLNode infoboxDiv = contentNode.addChild("div", "class", "infobox");
			infoboxDiv.addChild("div", "class", "infobox-header", l10n("listing", "path",
			        currentPath.getAbsolutePath()));
			HTMLNode listingDiv = infoboxDiv.addChild("div", "class", "infobox-content");
			
			File[] files = currentPath.listFiles();
			
			if (files == null) {
				sendErrorPage(ctx, 403, "Forbidden", l10n("dirAccessDenied"));
				return;
			}
			
			Arrays.sort(files, new Comparator<File>() {
				@Override
				public int compare(File firstFile, File secondFile) {
					/* Put directories above files, sorting each alphabetically and
					 * case-insensitively.
					 */
					if (firstFile.isDirectory() && !secondFile.isDirectory()) {
						return -1;
					}
					if (!firstFile.isDirectory() && secondFile.isDirectory()) {
						return 1;
					}
					return firstFile.getName().compareToIgnoreCase(secondFile.getName());
				}
			});
			HTMLNode listingTable = listingDiv.addChild("table");
			HTMLNode headerRow = listingTable.addChild("tr");
			headerRow.addChild("th");
			headerRow.addChild("th", l10n("fileHeader"));
			headerRow.addChild("th", l10n("sizeHeader"));
			/* add filesystem roots (fsck windows) */
			for (File currentRoot : File.listRoots()) {
				if (allowedDir(currentRoot)) {
				HTMLNode rootRow = listingTable.addChild("tr");
				rootRow.addChild("td");
				HTMLNode rootLinkCellNode = rootRow.addChild("td");
				HTMLNode rootLinkFormNode = ctx.addFormChild(rootLinkCellNode, path(),
				        "insertLocalFileForm");
					createChangeDirButton(rootLinkFormNode, currentRoot.getCanonicalPath(),
					        currentRoot.getAbsolutePath(), persistenceFields);
				rootRow.addChild("td");
				}
			}
			/* add back link */
			if (currentPath.getParent() != null) {
				if (allowedDir(currentPath.getParentFile())) {
				HTMLNode backlinkRow = listingTable.addChild("tr");
				backlinkRow.addChild("td");
				HTMLNode backLinkCellNode = backlinkRow.addChild("td");
				HTMLNode backLinkFormNode = ctx.addFormChild(backLinkCellNode, path(),
				        "insertLocalFileForm");
					createChangeDirButton(backLinkFormNode, "..", currentPath.getParent(), persistenceFields);
				backlinkRow.addChild("td");
				}
			}
			for (File currentFile : files) {
				HTMLNode fileRow = listingTable.addChild("tr");
				if (currentFile.isDirectory()) {
					if (currentFile.canRead()) {
						// Select directory
						if (allowedDir(currentFile)) {
						HTMLNode cellNode = fileRow.addChild("td");
						HTMLNode formNode = ctx.addFormChild(cellNode, path(),
						        "insertLocalFileForm");

							createSelectDirectoryButton(formNode, currentFile.getAbsolutePath(),