X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=cgi.c;h=53587e9509c48cccbe7c799c8b53b76056119cf8;hb=f5883f6356d072864458b81f44fff4c23e29a9b0;hp=96ce16f36b9e8d1501ce2464cc24f81ba2013488;hpb=3c2accf011811db47139a0bc13168fddca1b1c87;p=privoxy.git
diff --git a/cgi.c b/cgi.c
index 96ce16f3..53587e95 100644
--- a/cgi.c
+++ b/cgi.c
@@ -7,7 +7,7 @@
 * This only contains the framework functions, the
 * actual handler functions are declared elsewhere.
 *
- * Copyright : Written by and Copyright (C) 2001-2017
+ * Copyright : Written by and Copyright (C) 2001-2020
 * members of the Privoxy team. https://www.privoxy.org/
 *
 * Based on the Internet Junkbuster originally written
@@ -62,12 +62,17 @@
 #if defined(FEATURE_CGI_EDIT_ACTIONS) || defined(FEATURE_TOGGLE)
 #include "cgiedit.h"
 #endif /* defined(FEATURE_CGI_EDIT_ACTIONS) || defined (FEATURE_TOGGLE) */
+#ifdef FEATURE_HTTPS_INSPECTION
+#include "ssl.h"
+#endif
 /* loadcfg.h is for global_toggle_state only */
 #include "loadcfg.h"
 /* jcc.h is for mutex semaphore globals only */
 #include "jcc.h"
+static char *make_menu(const struct client_state *csp, const char *self);
+
 /*
 * List of CGI functions: name, handler, description
 * Note: Do NOT use single quotes in the description;
@@ -101,7 +106,7 @@ static const struct cgi_dispatcher cgi_dispatchers[] = {
 */
 { "client-tags",
 cgi_show_client_tags,
- "View or toggle the tags that can be set based on the clients address",
+ "View or toggle the tags that can be set based on the client's address",
 TRUE },
 #endif
 { "show-request",
@@ -401,8 +406,13 @@ struct http_response *dispatch_cgi(struct client_state *csp)
 static char *grep_cgi_referrer(const struct client_state *csp)
 {
 struct list_entry *p;
+ struct list_entry *first_header =
+#ifdef FEATURE_HTTPS_INSPECTION
+ client_use_ssl(csp) ? csp->https_headers->first :
+#endif
+ csp->headers->first;
- for (p = csp->headers->first; p != NULL; p = p->next)
+ for (p = first_header; p != NULL; p = p->next)
 {
 if (p->str == NULL) continue;
 if (strncmpic(p->str, "Referer: ", 9) == 0)
@@ -434,6 +444,9 @@ static int referrer_is_safe(const struct client_state *csp)
 {
 char *referrer;
 static const char alternative_prefix[] = "http://" CGI_SITE_1_HOST "/";
+#ifdef FEATURE_HTTPS_INSPECTION
+ static const char alt_prefix_https[] = "https://" CGI_SITE_1_HOST "/";
+#endif
 const char *trusted_cgi_referrer = csp->config->trusted_cgi_referrer;
 referrer = grep_cgi_referrer(csp);
@@ -444,8 +457,12 @@ static int referrer_is_safe(const struct client_state *csp)
 log_error(LOG_LEVEL_ERROR, "Denying access to %s. No referrer found.",
 csp->http->url);
 }
- else if ((0 == strncmp(referrer, CGI_PREFIX, sizeof(CGI_PREFIX)-1)
- || (0 == strncmp(referrer, alternative_prefix, strlen(alternative_prefix)))))
+ else if ((0 == strncmp(referrer, CGI_PREFIX_HTTP, sizeof(CGI_PREFIX_HTTP)-1))
+#ifdef FEATURE_HTTPS_INSPECTION
+ || (0 == strncmp(referrer, CGI_PREFIX_HTTPS, sizeof(CGI_PREFIX_HTTPS)-1))
+ || (0 == strncmp(referrer, alt_prefix_https, strlen(alt_prefix_https)))
+#endif
+ || (0 == strncmp(referrer, alternative_prefix, strlen(alternative_prefix))))
 {
 /* Trustworthy referrer */
 log_error(LOG_LEVEL_CGI, "Granting access to %s, referrer %s is trustworthy.",
@@ -520,7 +537,8 @@ static struct http_response *dispatch_known_cgi(struct client_state * csp,
 *query_args_start++ = '\0';
 param_list = new_map();
 err = map(param_list, "file", 1, url_decode(query_args_start), 0);
- if (JB_ERR_OK != err) {
+ if (JB_ERR_OK != err)
+ {
 free(param_list);
 free(path_copy);
 return cgi_error_memory();
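Review bot: The initializer of `first_header` in grep_cgi_referrer() (hunk at -401) is a conditional expression cut in half by `#ifdef FEATURE_HTTPS_INSPECTION`, and nothing says why the Referer comes from a different list on TLS connections. Because referrer_is_safe() makes its trust decision from this value, I would add a comment above the declaration, for example `/* For inspected TLS connections the request headers are in csp->https_headers, not csp->headers. */`; that reading is inferred from the names, as both lists are defined outside this diff. It would also help to state what happens when `client_use_ssl(csp)` is true but `csp->https_headers` holds no entries yet, which from the visible loop looks like no Referer being found and therefore a denied request. The function body continues past the end of the hunk.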
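Review bot: The added `strncmp()` tests in referrer_is_safe() (hunk at -444) are prefix matches, so each trusted prefix must end in `/` or a Referer whose host name merely begins with the CGI host would be accepted. `alt_prefix_https` from the hunk at -434 visibly ends in `"/"`, but `CGI_PREFIX_HTTP` and `CGI_PREFIX_HTTPS` are defined outside this diff and should be checked, with a comment such as `/* Prefix match: every trusted prefix has to end in '/'. */` above the condition. The two tests on the static arrays could use `sizeof(alt_prefix_https)-1` like the macro tests instead of `strlen()`, which keeps the four comparisons uniform. The function starts before and ends after both hunks.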
@@ -1259,7 +1277,7 @@ jb_err cgi_error_unknown(const struct client_state *csp, static const char body_suffix[] = "
\n" "Please " - "" + "" "file a bug report.
\n" "