X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=cgisimple.c;h=1cebfe6d13b044325374706e550b0b70855b8355;hb=a84f5650eeaae447745938c9c12d868b6c021a41;hp=3e32295424d16d8859ab7aa6cbf1afb1c4284d70;hpb=42e4fa330b6bae707912dc050900fda316a5224f;p=privoxy.git diff --git a/cgisimple.c b/cgisimple.c index 3e322954..1cebfe6d 100644 --- a/cgisimple.c +++ b/cgisimple.c @@ -1,4 +1,4 @@ -const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.54 2007/04/09 18:11:35 fabiankeil Exp $"; +const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.88 2008/08/30 12:03:07 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/cgisimple.c,v $ @@ -9,7 +9,7 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.54 2007/04/09 18:11:35 fabian * Functions declared include: * * - * Copyright : Written by and Copyright (C) 2001-2007 the SourceForge + * Copyright : Written by and Copyright (C) 2001-2008 the SourceForge * Privoxy team. http://www.privoxy.org/ * * Based on the Internet Junkbuster originally written @@ -36,6 +36,140 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.54 2007/04/09 18:11:35 fabian * * Revisions : * $Log: cgisimple.c,v $ + * Revision 1.88 2008/08/30 12:03:07 fabiankeil + * Remove FEATURE_COOKIE_JAR. + * + * Revision 1.87 2008/08/29 15:59:22 fabiankeil + * Fix two comments. + * + * Revision 1.86 2008/06/28 14:19:05 fabiankeil + * Protocol detection is done case-insensitive, fix assertion + * to do the same. Yay for Privoxy-Regression-Test and zzuf. + * + * Revision 1.85 2008/05/26 17:30:55 fabiankeil + * Provide an OpenSearch Description to access the + * show-url-info page through "search engine plugins". + * + * Revision 1.84 2008/05/26 16:16:55 fabiankeil + * Spell error correctly. + * + * Revision 1.83 2008/05/12 14:51:30 fabiankeil + * Don't complain about an invalid URL if show-url-info is requested + * without parameters. Regression introduced in 1.81 by yours truly. + * + * Revision 1.82 2008/05/10 20:01:47 fabiankeil + * Fix an assertion that could erroneously + * trigger in case of memory shortage. + * + * Revision 1.81 2008/05/05 09:54:39 fabiankeil + * In cgi_show_url_info(), make sure ftp URLs are + * declared invalid. Also simplify the code that adds + * "http://" if no protocol has been specified. + * + * Revision 1.80 2008/05/04 16:18:32 fabiankeil + * Provide parse_http_url() with a third parameter to specify + * whether or not URLs without protocol are acceptable. + * + * Revision 1.79 2008/05/04 13:30:56 fabiankeil + * Streamline parse_http_url()'s prototype. + * + * Revision 1.78 2008/05/03 16:50:11 fabiankeil + * Leverage content_filters_enabled() in cgi_show_url_info(). + * + * Revision 1.77 2008/05/02 09:47:48 fabiankeil + * In cgi_show_url_info, pass an initialized http structure + * to parse_http_url() as that will be required soonish and + * assert that https URLs are recognized correctly. + * + * Revision 1.76 2008/04/28 09:13:30 fabiankeil + * In load_file(), remember the error reason and fclose() + * and return later on instead of right away. + * + * Revision 1.75 2008/04/27 13:52:52 fabiankeil + * Move CGI file loading code into load_file() and + * add checks for unexpected errors. + * + * Revision 1.74 2008/04/26 15:50:56 fabiankeil + * Fix macro name in cgi_show_file() error path. + * + * Revision 1.73 2008/04/26 12:21:55 fabiankeil + * Forget about JB_ERR_PARSE. JB_ERR_CGI_PARAMS to the rescue. + * + * Revision 1.72 2008/04/26 10:34:15 fabiankeil + * If zlib support is unavailable and there are content filters active + * but the prevent-compression action is disabled, include a warning + * on the show-url-info page that compression might prevent filtering. + * + * Revision 1.71 2008/04/25 13:33:56 fabiankeil + * - Factor cgi_show_file() out of cgi_show_status(). + * - Adjust cgi_show_status()'s parameter description to match reality. + * + * Revision 1.70 2008/04/24 16:12:38 fabiankeil + * In cgi_show_status(), load the requested file at once. + * Using string_join() for every line really doesn't scale. + * + * Revision 1.69 2008/04/17 14:40:48 fabiankeil + * Provide get_http_time() with the buffer size so it doesn't + * have to blindly assume that the buffer is big enough. + * + * Revision 1.68 2008/03/27 18:27:21 fabiankeil + * Remove kill-popups action. + * + * Revision 1.67 2008/03/27 17:00:05 fabiankeil + * Turn the favicon blobs into locals. + * + * Revision 1.66 2008/02/23 16:57:12 fabiankeil + * Rename url_actions() to get_url_actions() and let it + * use the standard parameter ordering. + * + * Revision 1.65 2008/02/23 16:33:43 fabiankeil + * Let forward_url() use the standard parameter ordering + * and mark its second parameter immutable. + * + * Revision 1.64 2008/02/03 13:56:07 fabiankeil + * Add SOCKS5 support for show-url-info CGI page. + * + * Revision 1.63 2008/02/01 06:04:31 fabiankeil + * If edit buttons on the show-url-info CGI page are hidden, explain why. + * + * Revision 1.62 2008/02/01 05:52:40 fabiankeil + * Hide edit buttons on the show-url-info CGI page if enable-edit-action + * is disabled. Patch by Lee with additional white space adjustments. + * + * Revision 1.61 2008/01/26 11:13:25 fabiankeil + * If enable-edit-actions is disabled, hide the edit buttons and explain why. + * + * Revision 1.60 2007/10/27 13:12:13 fabiankeil + * Finish 1.49 and check write access before + * showing edit buttons on show-url-info page. + * + * Revision 1.59 2007/10/19 16:42:36 fabiankeil + * Plug memory leak I introduced five months ago. + * Yay Valgrind and Privoxy-Regression-Test. + * + * Revision 1.58 2007/07/21 12:19:50 fabiankeil + * If show-url-info is called with an URL that Privoxy + * would reject as invalid, don't show unresolved forwarding + * variables, "final matches" or claim the site's secure. + * + * Revision 1.57 2007/06/01 16:53:05 fabiankeil + * Adjust cgi_show_url_info() to show what forward-override{} + * would do with the requested URL (instead of showing how the + * request for the CGI page would be forwarded if it wasn't a + * CGI request). + * + * Revision 1.56 2007/05/21 10:50:35 fabiankeil + * - Use strlcpy() instead of strcpy(). + * - Stop treating actions files special. Expect a complete file name + * (with or without path) like it's done for the rest of the files. + * Closes FR#588084. + * - Don't rerun sed() in cgi_show_request(). + * + * Revision 1.55 2007/04/13 13:36:46 fabiankeil + * Reference action files in CGI URLs by id instead + * of using the first part of the file name. + * Fixes BR 1694250 and BR 1590556. + * * Revision 1.54 2007/04/09 18:11:35 fabiankeil * Don't mistake VC++'s _snprintf() for a snprintf() replacement. * @@ -328,45 +462,12 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.54 2007/04/09 18:11:35 fabian const char cgisimple_h_rcs[] = CGISIMPLE_H_VERSION; - static char *show_rcs(void); static jb_err show_defines(struct map *exports); - -/* - * 16x16 ico blobs for favicon delivery functions. - */ -const char default_favicon_data[] = - "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" - "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" - "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" - "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" - "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077" - "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" - "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" - "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" - "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" - "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" - "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" - "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" - "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" - "\017\000\000"; -const char error_favicon_data[] = - "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" - "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" - "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" - "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" - "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077" - "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" - "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" - "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" - "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" - "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" - "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" - "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" - "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" - "\017\000\000"; -const size_t default_favicon_length = sizeof(default_favicon_data) - 1; -const size_t error_favicon_length = sizeof(error_favicon_data) - 1; +static jb_err cgi_show_file(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters); +static jb_err load_file(const char *filename, char **buffer, size_t *length); /********************************************************************* * @@ -544,8 +645,8 @@ jb_err cgi_show_request(struct client_state *csp, return JB_ERR_MEMORY; } - if (map(exports, "processed-request", 1, html_encode_and_free_original( - sed(client_patterns, add_client_headers, csp)), 0)) + if (map(exports, "processed-request", 1, + html_encode_and_free_original(list_to_text(csp->headers)), 0)) { free_map(exports); return JB_ERR_MEMORY; @@ -750,8 +851,25 @@ jb_err cgi_send_default_favicon(struct client_state *csp, struct http_response *rsp, const struct map *parameters) { - rsp->body = bindup(default_favicon_data, default_favicon_length); - rsp->content_length = default_favicon_length; + static const char default_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; + static const size_t favicon_length = sizeof(default_favicon_data) - 1; + + rsp->body = bindup(default_favicon_data, favicon_length); + rsp->content_length = favicon_length; if (rsp->body == NULL) { @@ -791,8 +909,25 @@ jb_err cgi_send_error_favicon(struct client_state *csp, struct http_response *rsp, const struct map *parameters) { - rsp->body = bindup(error_favicon_data, error_favicon_length); - rsp->content_length = error_favicon_length; + static const char error_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; + static const size_t favicon_length = sizeof(error_favicon_data) - 1; + + rsp->body = bindup(error_favicon_data, favicon_length); + rsp->content_length = favicon_length; if (rsp->body == NULL) { @@ -860,6 +995,49 @@ jb_err cgi_send_stylesheet(struct client_state *csp, return JB_ERR_OK; } + + +/********************************************************************* + * + * Function : cgi_send_url_info_osd + * + * Description : CGI function that sends the OpenSearch Description + * template for the show-url-info page. It allows to + * access the page through "search engine plugins". + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : None + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_send_url_info_osd(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + jb_err err = JB_ERR_MEMORY; + struct map *exports = default_exports(csp, NULL); + + if (NULL != exports) + { + err = template_fill_for_cgi(csp, "url-info-osd.xml", exports, rsp); + if (JB_ERR_OK == err) + { + err = enlist(rsp->headers, + "Content-Type: application/opensearchdescription+xml"); + } + } + + return err; + +} + + /********************************************************************* * * Function : cgi_send_user_manual @@ -885,7 +1063,6 @@ jb_err cgi_send_user_manual(struct client_state *csp, { const char * filename; char *full_path; - FILE *fp; jb_err err = JB_ERR_OK; size_t length; @@ -916,40 +1093,18 @@ jb_err cgi_send_user_manual(struct client_state *csp, return JB_ERR_MEMORY; } - /* Open user-manual file */ - if (NULL == (fp = fopen(full_path, "rb"))) + err = load_file(full_path, &rsp->body, &rsp->content_length); + if (JB_ERR_OK != err) { - log_error(LOG_LEVEL_ERROR, "Cannot open user-manual file %s: %E", full_path); - err = cgi_error_no_template(csp, rsp, full_path); - free(full_path); + assert((JB_ERR_FILE == err) || (JB_ERR_MEMORY == err)); + if (JB_ERR_FILE == err) + { + err = cgi_error_no_template(csp, rsp, full_path); + } + freez(full_path); return err; } - - /* Get file length */ - fseek(fp, 0, SEEK_END); - length = (size_t)ftell(fp); - fseek(fp, 0, SEEK_SET); - - /* Allocate memory and load the file directly into the body */ - rsp->body = (char *)zalloc(length+1); - if (!rsp->body) - { - fclose(fp); - free(full_path); - return JB_ERR_MEMORY; - } - if (!fread(rsp->body, length, 1, fp)) - { - /* - * May happen if the file size changes between fseek() and fread(). - * If it does, we just log it and serve what we got. - */ - log_error(LOG_LEVEL_ERROR, "Couldn't completely read user-manual file %s.", full_path); - } - fclose(fp); - free(full_path); - - rsp->content_length = length; + freez(full_path); /* Guess correct Content-Type based on the filename's ending */ if (filename) @@ -1019,7 +1174,7 @@ jb_err cgi_show_version(struct client_state *csp, return template_fill_for_cgi(csp, "show-version", exports, rsp); } - + /********************************************************************* * * Function : cgi_show_status @@ -1035,7 +1190,7 @@ jb_err cgi_show_version(struct client_state *csp, * CGI Parameters : * file : Which file to show. Only first letter is checked, * valid values are: - * - "p"ermissions (actions) file + * - "a"ction file * - "r"egex * - "t"rust * Default is to show menu and other information. @@ -1052,10 +1207,7 @@ jb_err cgi_show_status(struct client_state *csp, unsigned i; int j; - FILE * fp; char buf[BUFFER_SIZE]; - const char * filename = NULL; - char * file_description = NULL; #ifdef FEATURE_STATISTICS float perc_rej; /* Percentage of http requests rejected */ int local_urls_read; @@ -1069,74 +1221,14 @@ jb_err cgi_show_status(struct client_state *csp, assert(rsp); assert(parameters); - if (NULL == (exports = default_exports(csp, "show-status"))) + if ('\0' != *(lookup(parameters, "file"))) { - return JB_ERR_MEMORY; + return cgi_show_file(csp, rsp, parameters); } - switch (*(lookup(parameters, "file"))) - { - case 'a': - if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->actions_list[i]) - { - filename = csp->actions_list[i]->filename; - file_description = "Actions File"; - } - break; - - case 'f': - if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->rlist[i]) - { - filename = csp->rlist[i]->filename; - file_description = "Filter File"; - } - break; - -#ifdef FEATURE_TRUST - case 't': - if (csp->tlist) - { - filename = csp->tlist->filename; - file_description = "Trust File"; - } - break; -#endif /* def FEATURE_TRUST */ - } - - if (NULL != filename) + if (NULL == (exports = default_exports(csp, "show-status"))) { - if ( map(exports, "file-description", 1, file_description, 1) - || map(exports, "filepath", 1, html_encode(filename), 0) ) - { - free_map(exports); - return JB_ERR_MEMORY; - } - - if ((fp = fopen(filename, "r")) == NULL) - { - if (map(exports, "content", 1, "