-const char cgi_rcs[] = "$Id: cgi.c,v 1.80 2006/12/08 14:45:32 fabiankeil Exp $";
+const char cgi_rcs[] = "$Id: cgi.c,v 1.83 2006/12/17 19:35:19 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/cgi.c,v $
*
* Revisions :
* $Log: cgi.c,v $
+ * Revision 1.83 2006/12/17 19:35:19 fabiankeil
+ * Escape ampersand in Privoxy menu.
+ *
+ * Revision 1.82 2006/12/17 17:53:39 fabiankeil
+ * Suppress the toggle link if remote toggling is disabled.
+ *
+ * Revision 1.81 2006/12/09 13:49:16 fabiankeil
+ * Fix configure option --disable-toggle.
+ * Thanks to Peter Thoenen for reporting this.
+ *
* Revision 1.80 2006/12/08 14:45:32 fabiankeil
* Don't lose the FORCE_PREFIX in case of
* connection problems. Fixes #612235.
{ "show-status",
cgi_show_status,
#ifdef FEATURE_CGI_EDIT_ACTIONS
- "View & change the current configuration",
+ "View & change the current configuration",
#else
"View the current configuration",
#endif
ch = *(lookup(parameters, param_name));
if ((ch >= 'a') && (ch <= 'z'))
{
- ch = ch - 'a' + 'A';
+ ch = (char)(ch - 'a' + 'A');
}
return ch;
return JB_ERR_CGI_PARAMS;
}
- ch -= '0';
+ ch = (char)(ch - '0');
/* Note:
*
return JB_ERR_CGI_PARAMS;
}
- value = value * 10 + ch;
+ value = value * 10 + (unsigned)ch;
}
/* Success */
rsp->head_length = 0;
rsp->is_static = 0;
- sprintf(errnumbuf, "%d", error_to_report);
+ snprintf(errnumbuf, sizeof(errnumbuf), "%d", error_to_report);
rsp->body = malloc(strlen(body_prefix) + strlen(errnumbuf) + strlen(body_suffix) + 1);
if (rsp->body == NULL)
/*
* Fill in the HTTP Status
*/
- sprintf(buf, "HTTP/1.0 %s", rsp->status ? rsp->status : "200 OK");
+ snprintf(buf, sizeof(buf), "HTTP/1.0 %s", rsp->status ? rsp->status : "200 OK");
err = enlist_first(rsp->headers, buf);
/*
}
if (!err)
{
- sprintf(buf, "Content-Length: %d", (int)rsp->content_length);
+ snprintf(buf, sizeof(buf), "Content-Length: %d", (int)rsp->content_length);
err = enlist(rsp->headers, buf);
}
if (!err) err = map(exports, "my-hostname", 1, html_encode(csp->my_hostname ? csp->my_hostname : "unknown"), 0);
if (!err) err = map(exports, "homepage", 1, html_encode(HOME_PAGE_URL), 0);
if (!err) err = map(exports, "default-cgi", 1, html_encode(CGI_PREFIX), 0);
- if (!err) err = map(exports, "menu", 1, make_menu(caller), 0);
+ if (!err) err = map(exports, "menu", 1, make_menu(caller, csp->config->feature_flags), 0);
if (!err) err = map(exports, "code-status", 1, CODE_STATUS, 1);
if (!strncmpic(csp->config->usermanual, "file://", 7) ||
!strncmpic(csp->config->usermanual, "http", 4))
*
* Description : Returns an HTML-formatted menu of the available
* unhidden CGIs, excluding the one given in <self>
+ * and the toggle CGI if toggling is disabled.
*
- * Parameters : self = name of CGI to leave out, can be NULL for
+ * Parameters :
+ * 1 : self = name of CGI to leave out, can be NULL for
* complete listing.
+ * 2 : feature_flags = feature bitmap from csp->config
+ *
*
* Returns : menu string, or NULL on out-of-memory error.
*
*********************************************************************/
-char *make_menu(const char *self)
+char *make_menu(const char *self, const unsigned feature_flags)
{
const struct cgi_dispatcher *d;
char *result = strdup("");
/* List available unhidden CGI's and export as "other-cgis" */
for (d = cgi_dispatchers; d->name; d++)
{
+
+#ifdef FEATURE_TOGGLE
+ if (!(feature_flags & RUNTIME_FEATURE_CGI_TOGGLE) && !strcmp(d->name, "toggle"))
+ {
+ /*
+ * Suppress the toggle link if remote toggling is disabled.
+ */
+ continue;
+ }
+#endif /* def FEATURE_TOGGLE */
+
if (d->description && strcmp(d->name, self))
{
string_append(&result, "<li><a href=\"" CGI_PREFIX);