-const char killpopup_rcs[] = "$Id: killpopup.c,v 1.3 2001/05/22 18:56:28 oes Exp $";
+const char killpopup_rcs[] = "$Id: killpopup.c,v 1.10 2001/09/22 16:34:44 jongfoster Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/killpopup.c,v $
*
* Revisions :
* $Log: killpopup.c,v $
+ * Revision 1.10 2001/09/22 16:34:44 jongfoster
+ * Removing unneeded #includes
+ *
+ * Revision 1.9 2001/07/31 14:44:22 oes
+ * Deleted unused size parameter from filter_popups()
+ *
+ * Revision 1.8 2001/07/30 22:08:36 jongfoster
+ * Tidying up #defines:
+ * - All feature #defines are now of the form FEATURE_xxx
+ * - Permanently turned off WIN_GUI_EDIT
+ * - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ * Revision 1.7 2001/07/20 19:29:25 haroon
+ * - In v1.5 forgot to add that I implemented LOG_LEVEL_POPUPS in errlog.c,
+ * errlog.h and killpopup.c. In that case, it is superfluous to have define for
+ * POPUP_VERBOSE, so I removed the defines and logging is now done
+ * via log_error(LOG_LEVEL_POPUPS, ....)
+ *
+ * Revision 1.6 2001/07/19 19:11:35 haroon
+ * - Implemented Guy's idea of replacing window.open( with 1;''.concat(
+ * - Implemented Guy's idea of replacing .resizeTo( with .scrollTo(
+ *
+ * Revision 1.5 2001/07/18 15:02:52 haroon
+ * improved nuking of window.open
+ *
+ * Revision 1.4 2001/06/29 13:29:55 oes
+ * Added FIXMEs (and didn't repair, hehe)
+ *
* Revision 1.3 2001/05/22 18:56:28 oes
* CRLF -> LF
*
#include "project.h"
#include "killpopup.h"
-#include "jcc.h"
+#include "errlog.h"
const char killpopup_h_rcs[] = KILLPOPUP_H_VERSION;
-#ifdef KILLPOPUPS
-
-/* Change these for debug output. *lots*. */
-/*#define POPUP_VERBOSE 1*/
-#undef POPUP_VERBOSE
-
+#ifdef FEATURE_KILL_POPUPS
/*********************************************************************
*
* Function : filter_popups
*
- * Description : Filter the block of data that's been read from the server.
- * Caller is responsible for checking permissons list
- * to determine if this function should be called.
- * FIXME: Should use the replacements proposed by Guy
+ * Description : Filter the block of data that's been read from the server
+ * for javascript popup code and replace by syntactically
+ * neutral code of the same size.
+ * Raise the CSP_FLAG_MODIFIED flag on success.
*
* Parameters :
* 1 : buff = Buffer to scan and modify. Null terminated.
- * 2 : size = Buffer size, excluding null terminator.
+ * 2 : csp = Client state pointer
*
* Returns : void
*
*********************************************************************/
-void filter_popups(char *buff, int size)
+void filter_popups(char *buff, struct client_state *csp)
{
char *popup = NULL;
char *close = NULL;
char *p = NULL;
- char *q = NULL; /* by BREITENB NEW! */
while ((popup = strstr( buff, "window.open(" )) != NULL)
{
-#ifdef POPUP_VERBOSE
- fprintf(logfp, "Found start of window open" );
-#endif
- close = strstr( popup+1, ");" );
- if ( close )
+ if ( popup )
{
-#ifdef POPUP_VERBOSE
- fprintf(logfp, "Found end of window open" );
-#endif
- for ( p = popup; p != (close+1); p++ )
- {
- *p = ' ';
- }
-#ifdef POPUP_VERBOSE
- fprintf(logfp, "Blocked %s\n", host_name );
-#endif
- }
- else
- {
-#ifdef POPUP_VERBOSE
- fprintf(logfp, "Couldn't find end, turned into comment. Read boundary?\n" );
-#endif
- *popup = '/';
- popup++;
- *popup = '/';
+ /*
+ * replace the window.open( with a harmless JavaScript replacement (notice the two single quotes)
+ * Guy's idea (thanks)
+ */
+ strncpy(popup, "1;''.concat(", 12);
+ log_error(LOG_LEVEL_POPUPS, "Blocked popup window open");
+ csp->flags |= CSP_FLAG_MODIFIED;
}
-
-
- q=popup; /* by BREITENB NEW! */
- while (q>=buff)
- {
- if (*q==' ' || *q=='\t')
- q--;
- else break;
- }
- if (q>=buff)
+ }
+
+ while ((popup = strstr( buff, ".resizeTo(" )) != NULL)
+ {
+ if ( popup )
{
- if (*q=='=') *++q='1';
- /* result of popup is assigned to a variable! ensure success. hehehe. */
+ /*
+ * replace the .resizeTo( with a harmless JavaScript replacement
+ * Guy's idea (thanks)
+ */
+ strncpy(popup, ".scrollTo(", 10);
+ log_error(LOG_LEVEL_POPUPS, "Blocked popup window resize");
+ csp->flags |= CSP_FLAG_MODIFIED;
}
}
- /* Filter all other crap like onUnload onExit etc. (by BREITENB) NEW!*/
+ /* Filter onUnload and onExit */
popup=strstr( buff, "<body");
if (!popup) popup=strstr( buff, "<BODY");
if (!popup) popup=strstr( buff, "<Body");
close=strchr(popup,'>');
if (close)
{
- /* we are now between <body and the ending > FIXME: No, we're anywhere! --oes*/
+ /* we are now between <body and the ending > FIXME: No, we're anywhere! --oes */
p=strstr(popup, "onUnload");
if (p)
{
strncpy(p,"_nU_",4);
+ csp->flags |= CSP_FLAG_MODIFIED;
}
p=strstr(popup, "onExit");
if (p)
{
strncpy(p,"_nE_",4);
+ csp->flags |= CSP_FLAG_MODIFIED;
}
}
}
}
-#endif /* def KILLPOPUPS */
+#endif /* def FEATURE_KILL_POPUPS */
/*
Local Variables: