-const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.38 2006/09/06 18:45:03 fabiankeil Exp $";
+const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.49 2007/01/20 16:29:38 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/cgisimple.c,v $
* Functions declared include:
*
*
- * Copyright : Written by and Copyright (C) 2001 the SourceForge
+ * Copyright : Written by and Copyright (C) 2001-2007 the SourceForge
* Privoxy team. http://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
*
* Revisions :
* $Log: cgisimple.c,v $
+ * Revision 1.49 2007/01/20 16:29:38 fabiankeil
+ * Suppress edit buttons for action files if Privoxy has
+ * no write access. Suggested by Roland in PR 1564026.
+ *
+ * Revision 1.48 2007/01/20 15:31:31 fabiankeil
+ * Display warning if show-url-info CGI page
+ * is used while Privoxy is toggled off.
+ *
+ * Revision 1.47 2007/01/12 15:07:10 fabiankeil
+ * Use zalloc in cgi_send_user_manual.
+ *
+ * Revision 1.46 2007/01/02 12:49:46 fabiankeil
+ * Add FEATURE_ZLIB to the list of conditional
+ * defines at the show-status page.
+ *
+ * Revision 1.45 2006/12/28 18:16:41 fabiankeil
+ * Fixed gcc43 compiler warnings, zero out cgi_send_user_manual's
+ * body memory before using it, replaced sprintf calls with snprintf.
+ *
+ * Revision 1.44 2006/12/22 14:19:27 fabiankeil
+ * Removed checks whether or not AF_FILES have
+ * data structures associated with them in cgi_show_status.
+ * It doesn't matter as we're only interested in the file names.
+ *
+ * For the action files the checks were always true,
+ * but they prevented empty filter files from being
+ * listed. Fixes parts of BR 1619208.
+ *
+ * Revision 1.43 2006/12/17 17:57:56 fabiankeil
+ * - Added FEATURE_GRACEFUL_TERMINATION to the
+ * "conditional #defines" section
+ * - Escaped ampersands in generated HTML.
+ * - Renamed re-filter-filename to re-filter-filenames
+ *
+ * Revision 1.42 2006/11/21 15:43:12 fabiankeil
+ * Add special treatment for WIN32 to make sure
+ * cgi_send_user_manual opens the files in binary mode.
+ * Fixes BR 1600411 and unbreaks image delivery.
+ *
+ * Remove outdated comment.
+ *
+ * Revision 1.41 2006/10/09 19:18:28 roro
+ * Redirect http://p.p/user-manual (without trailing slash) to
+ * http://p.p/user-manual/ (with trailing slash), otherwise links will be broken.
+ *
+ * Revision 1.40 2006/09/09 13:05:33 fabiankeil
+ * Modified cgi_send_user_manual to serve binary
+ * content without destroying it first. Should also be
+ * faster now. Added ".jpg" check for Content-Type guessing.
+ *
+ * Revision 1.39 2006/09/08 09:49:23 fabiankeil
+ * Deliver documents in the user-manual directory
+ * with "Content-Type text/css" if their filename
+ * ends with ".css".
+ *
* Revision 1.38 2006/09/06 18:45:03 fabiankeil
* Incorporate modified version of Roland Rosenfeld's patch to
* optionally access the user-manual via Privoxy. Closes patch 679075.
#include <string.h>
#include <assert.h>
+#ifdef HAVE_ACCESS
+#include <unistd.h>
+#endif /* def HAVE_ACCESS */
+
#ifdef _WIN32
#define snprintf _snprintf
#endif /* def _WIN32 */
static char *show_rcs(void);
static jb_err show_defines(struct map *exports);
+/*
+ * 16x16 ico blobs for favicon delivery functions.
+ */
+const char default_favicon_data[] =
+ "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260"
+ "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000"
+ "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000"
+ "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000"
+ "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077"
+ "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000"
+ "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000"
+ "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036"
+ "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360"
+ "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000"
+ "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+ "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+ "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360"
+ "\017\000\000";
+const char error_favicon_data[] =
+ "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260"
+ "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000"
+ "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000"
+ "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000"
+ "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077"
+ "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000"
+ "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000"
+ "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036"
+ "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360"
+ "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000"
+ "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+ "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+ "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360"
+ "\017\000\000";
+const size_t default_favicon_length = sizeof(default_favicon_data) - 1;
+const size_t error_favicon_length = sizeof(error_favicon_data) - 1;
/*********************************************************************
*
}
+/*********************************************************************
+ *
+ * Function : cgi_send_default_favicon
+ *
+ * Description : CGI function that sends the standard favicon.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_send_default_favicon(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ rsp->body = bindup(default_favicon_data, default_favicon_length);
+ rsp->content_length = default_favicon_length;
+
+ if (rsp->body == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ if (enlist(rsp->headers, "Content-Type: image/x-icon"))
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ rsp->is_static = 1;
+
+ return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function : cgi_send_error_favicon
+ *
+ * Description : CGI function that sends the favicon for error pages.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_send_error_favicon(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ rsp->body = bindup(error_favicon_data, error_favicon_length);
+ rsp->content_length = error_favicon_length;
+
+ if (rsp->body == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ if (enlist(rsp->headers, "Content-Type: image/x-icon"))
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ rsp->is_static = 1;
+
+ return JB_ERR_OK;
+
+}
+
+
/*********************************************************************
*
* Function : cgi_send_stylesheet
*
* Function : cgi_send_user_manual
*
- * Description : CGI function that sends a user manual HTML file
+ * Description : CGI function that sends a file in the user
+ * manual directory.
*
* Parameters :
* 1 : csp = Current client state (buffers, headers, etc...)
const char * filename;
char *full_path;
FILE *fp;
- char buf[BUFFER_SIZE];
jb_err err = JB_ERR_OK;
- size_t length = 0;
+ size_t length;
assert(csp);
assert(rsp);
assert(parameters);
+ if (!parameters->first)
+ {
+ /* requested http://p.p/user-manual (without trailing slash) */
+ return cgi_redirect(rsp, CGI_PREFIX "user-manual/");
+ }
+
get_string_param(parameters, "file", &filename);
/* Check paramter for hack attempts */
if (filename && strchr(filename, '/'))
return JB_ERR_MEMORY;
}
- /* Allocate buffer */
- rsp->body = strdup("");
- if (rsp->body == NULL)
- {
- free(full_path);
- return JB_ERR_MEMORY;
- }
-
/* Open user-manual file */
+#ifdef WIN32
+ /*
+ * XXX: Do we support other operating systems that
+ * require special treatment to fopen in binary mode?
+ */
+ if (NULL == (fp = fopen(full_path, "rb")))
+#else
if (NULL == (fp = fopen(full_path, "r")))
+#endif /* def WIN32 */
{
log_error(LOG_LEVEL_ERROR, "Cannot open user-manual file %s: %E", full_path);
err = cgi_error_no_template(csp, rsp, full_path);
free(full_path);
return err;
}
- free(full_path);
- /* Read file and write it out */
- while (fgets(buf, BUFFER_SIZE, fp))
+ /* Get file length */
+ fseek(fp, 0, SEEK_END);
+ length = (size_t)ftell(fp);
+ fseek(fp, 0, SEEK_SET);
+
+ /* Allocate memory and load the file directly into the body */
+ rsp->body = (char *)zalloc(length+1);
+ if (!rsp->body)
{
- if (string_append(&rsp->body, buf))
- {
- fclose(fp);
- return JB_ERR_MEMORY;
- }
+ fclose(fp);
+ free(full_path);
+ return JB_ERR_MEMORY;
+ }
+ if (!fread(rsp->body, length, 1, fp))
+ {
+ /*
+ * This happens if we didn't fopen in binary mode.
+ * If it does, we just log it and serve what we got.
+ */
+ log_error(LOG_LEVEL_ERROR, "Couldn't completely read user-manual file %s.", full_path);
}
fclose(fp);
+ free(full_path);
+
+ rsp->content_length = length;
/* Guess correct Content-Type based on the filename's ending */
if (filename)
{
length = strlen(filename);
}
- if((length>=4) && !strcmp(&filename[length-4], ".css"))
+ else
+ {
+ length = 0;
+ }
+ if((length>=4) && !strcmp(&filename[length-4], ".css"))
{
err = enlist(rsp->headers, "Content-Type: text/css");
}
+ else if((length>=4) && !strcmp(&filename[length-4], ".jpg"))
+ {
+ err = enlist(rsp->headers, "Content-Type: image/jpeg");
+ }
else
{
err = enlist(rsp->headers, "Content-Type: text/html");
*
* Function : cgi_show_status
*
- * Description : CGI function that returns a a web page describing the
+ * Description : CGI function that returns a web page describing the
* current status of Privoxy.
*
* Parameters :
int local_urls_read;
int local_urls_rejected;
#endif /* ndef FEATURE_STATISTICS */
- struct file_list * fl;
- struct url_actions * b;
jb_err err = JB_ERR_OK;
struct map *exports;
perc_rej = (float)local_urls_rejected * 100.0F /
(float)local_urls_read;
- sprintf(buf, "%d", local_urls_read);
+ snprintf(buf, sizeof(buf), "%d", local_urls_read);
if (!err) err = map(exports, "requests-received", 1, buf, 1);
- sprintf(buf, "%d", local_urls_rejected);
+ snprintf(buf, sizeof(buf), "%d", local_urls_rejected);
if (!err) err = map(exports, "requests-blocked", 1, buf, 1);
- sprintf(buf, "%6.2f", perc_rej);
+ snprintf(buf, sizeof(buf), "%6.2f", perc_rej);
if (!err) err = map(exports, "percent-blocked", 1, buf, 1);
}
s = strdup("");
for (i = 0; i < MAX_AF_FILES; i++)
{
- if (((fl = csp->actions_list[i]) != NULL) && ((b = fl->f) != NULL))
+ if (csp->actions_list[i] != NULL)
{
if (!err) err = string_append(&s, "<tr><td>");
if (!err) err = string_join(&s, html_encode(csp->actions_list[i]->filename));
- snprintf(buf, 100, "</td><td class=\"buttons\"><a href=\"/show-status?file=actions&index=%d\">View</a>", i);
+ snprintf(buf, 100, "</td><td class=\"buttons\"><a href=\"/show-status?file=actions&index=%d\">View</a>", i);
if (!err) err = string_append(&s, buf);
#ifdef FEATURE_CGI_EDIT_ACTIONS
if (NULL == strstr(csp->actions_list[i]->filename, "standard.action") && NULL != csp->config->actions_file_short[i])
{
- snprintf(buf, 100, " <a href=\"/edit-actions-list?f=%s\">Edit</a>", csp->config->actions_file_short[i]);
- if (!err) err = string_append(&s, buf);
+#ifdef HAVE_ACCESS
+ if (access(csp->config->actions_file[i], W_OK) == 0)
+ {
+#endif /* def HAVE_ACCESS */
+ snprintf(buf, 100, " <a href=\"/edit-actions-list?f=%s\">Edit</a>",
+ csp->config->actions_file_short[i]);
+ if (!err) err = string_append(&s, buf);
+#ifdef HAVE_ACCESS
+ }
+ else
+ {
+ if (!err) err = string_append(&s, " <strong>No write access.</strong>");
+ }
+#endif /* def HAVE_ACCESS */
}
#endif
s = strdup("");
for (i = 0; i < MAX_AF_FILES; i++)
{
- if (((fl = csp->rlist[i]) != NULL) && ((b = fl->f) != NULL))
+ if (csp->rlist[i] != NULL)
{
if (!err) err = string_append(&s, "<tr><td>");
if (!err) err = string_join(&s, html_encode(csp->rlist[i]->filename));
- snprintf(buf, 100, "</td><td class=\"buttons\"><a href=\"/show-status?file=filter&index=%d\">View</a>", i);
+ snprintf(buf, 100,
+ "</td><td class=\"buttons\"><a href=\"/show-status?file=filter&index=%d\">View</a>", i);
if (!err) err = string_append(&s, buf);
if (!err) err = string_append(&s, "</td></tr>\n");
}
}
if (*s != '\0')
{
- if (!err) err = map(exports, "re-filter-filename", 1, s, 0);
+ if (!err) err = map(exports, "re-filter-filenames", 1, s, 0);
}
else
{
- if (!err) err = map(exports, "re-filter-filename", 1, "<tr><td>None specified</td></tr>", 1);
+ if (!err) err = map(exports, "re-filter-filenames", 1, "<tr><td>None specified</td></tr>", 1);
if (!err) err = map_block_killer(exports, "have-filterfile");
}
url_param = url_param_prefixed;
}
+ /*
+ * Hide "toggle off" warning if Privoxy is toggled on.
+ */
+ if (
+#ifdef FEATURE_TOGGLE
+ (global_toggle_state == 1) &&
+#endif /* def FEATURE_TOGGLE */
+ map_block_killer(exports, "privoxy-is-toggled-off")
+ )
+ {
+ free_map(exports);
+ return JB_ERR_MEMORY;
+ }
if (url_param[0] == '\0')
{
/* FIXME: Hardcoded HTML! */
string_append(&matches, "<tr><th>In file: ");
string_join (&matches, html_encode(csp->config->actions_file_short[i]));
- snprintf(buf, 150, ".action <a class=\"cmd\" href=\"/show-status?file=actions&index=%d\">", i);
+ snprintf(buf, 150, ".action <a class=\"cmd\" href=\"/show-status?file=actions&index=%d\">", i);
string_append(&matches, buf);
string_append(&matches, "View</a>");
#ifdef FEATURE_CGI_EDIT_ACTIONS
if (!err) err = map(exports, "FORCE_PREFIX", 1, "(none - disabled)", 1);
#endif /* ndef FEATURE_FORCE_LOAD */
+#ifdef FEATURE_GRACEFUL_TERMINATION
+ if (!err) err = map_conditional(exports, "FEATURE_GRACEFUL_TERMINATION", 1);
+#else /* ifndef FEATURE_GRACEFUL_TERMINATION */
+ if (!err) err = map_conditional(exports, "FEATURE_GRACEFUL_TERMINATION", 0);
+#endif /* ndef FEATURE_GRACEFUL_TERMINATION */
+
#ifdef FEATURE_IMAGE_BLOCKING
if (!err) err = map_conditional(exports, "FEATURE_IMAGE_BLOCKING", 1);
#else /* ifndef FEATURE_IMAGE_BLOCKING */
if (!err) err = map_conditional(exports, "FEATURE_TRUST", 0);
#endif /* ndef FEATURE_TRUST */
+#ifdef FEATURE_ZLIB
+ if (!err) err = map_conditional(exports, "FEATURE_ZLIB", 1);
+#else /* ifndef FEATURE_ZLIB */
+ if (!err) err = map_conditional(exports, "FEATURE_ZLIB", 0);
+#endif /* ndef FEATURE_ZLIB */
+
#ifdef STATIC_PCRE
if (!err) err = map_conditional(exports, "STATIC_PCRE", 1);
#else /* ifndef STATIC_PCRE */
#define SHOW_RCS(__x) \
{ \
extern const char __x[]; \
- sprintf(buf, "%s\n", __x); \
+ snprintf(buf, sizeof(buf), " %s\n", __x); \
string_append(&result, buf); \
}