X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=cgi.c;h=5d7b7025315f082f6c3f3746d778ece83f1f9ac4;hp=75182199e9f74b322b43918c5ac94ddc1b31b464;hb=a123fb5113d6816320488f3239b6ae48b489ee9c;hpb=c83713758e9465e03ec3b0228c433e6f2d843352

diff --git a/cgi.c b/cgi.c
index 75182199..5d7b7025 100644
--- a/cgi.c
+++ b/cgi.c
@@ -7,7 +7,7 @@
  *                This only contains the framework functions, the
  *                actual handler functions are declared elsewhere.
  *
- * Copyright   :  Written by and Copyright (C) 2001-2020
+ * Copyright   :  Written by and Copyright (C) 2001-2021
  *                members of the Privoxy team. https://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
@@ -221,6 +221,9 @@ static const struct cgi_dispatcher cgi_dispatchers[] = {
    { "user-manual",
           cgi_send_user_manual,
           NULL, TRUE /* Send user-manual */ },
+   { "wpad.dat",
+         cgi_send_wpad,
+         NULL, TRUE /* Send wpad.dat proxy autoconfiguration file */ },
    { NULL, /* NULL Indicates end of list and default page */
          cgi_error_404,
          NULL, TRUE /* Unknown CGI page */ }
@@ -457,7 +460,7 @@ static int referrer_is_safe(const struct client_state *csp)
       log_error(LOG_LEVEL_ERROR, "Denying access to %s. No referrer found.",
          csp->http->url);
    }
-   else if ((0 == strncmp(referrer, CGI_PREFIX, sizeof(CGI_PREFIX)-1))
+   else if ((0 == strncmp(referrer, CGI_PREFIX_HTTP, sizeof(CGI_PREFIX_HTTP)-1))
 #ifdef FEATURE_HTTPS_INSPECTION
          || (0 == strncmp(referrer, CGI_PREFIX_HTTPS, sizeof(CGI_PREFIX_HTTPS)-1))
          || (0 == strncmp(referrer, alt_prefix_https, strlen(alt_prefix_https)))
@@ -663,16 +666,7 @@ static struct map *parse_cgi_parameters(char *argstring)
     *      The same hack is used in get_last_url() so it looks like
     *      a real solution is needed.
     */
-   size_t max_segments = strlen(argstring) / 2;
-   if (max_segments == 0)
-   {
-      /*
-       * XXX: If the argstring is empty, there's really
-       *      no point in creating a param list, but currently
-       *      other parts of Privoxy depend on the list's existence.
-       */
-      max_segments = 1;
-   }
+   size_t max_segments = strlen(argstring) / 2 + 1;
    vector = malloc_or_die(max_segments * sizeof(char *));
 
    cgi_params = new_map();
@@ -1205,7 +1199,8 @@ jb_err cgi_error_no_template(const struct client_state *csp,
       ").</p>\n"
       "</body>\n"
       "</html>\n";
-   const size_t body_size = strlen(body_prefix) + strlen(template_name) + strlen(body_suffix) + 1;
+   size_t body_size = strlen(body_prefix) + strlen(body_suffix) + 1;
+   const char *encoded_template_name;
 
    assert(csp);
    assert(rsp);
@@ -1219,9 +1214,17 @@ jb_err cgi_error_no_template(const struct client_state *csp,
    rsp->head_length = 0;
    rsp->is_static = 0;
 
+   encoded_template_name = html_encode(template_name);
+   if (encoded_template_name == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   body_size += strlen(encoded_template_name);
    rsp->body = malloc_or_die(body_size);
    strlcpy(rsp->body, body_prefix, body_size);
-   strlcat(rsp->body, template_name, body_size);
+   strlcat(rsp->body, encoded_template_name, body_size);
+   freez(encoded_template_name);
    strlcat(rsp->body, body_suffix, body_size);
 
    rsp->status = strdup(status);
@@ -1277,7 +1280,7 @@ jb_err cgi_error_unknown(const struct client_state *csp,
    static const char body_suffix[] =
       "</b></p>\n"
       "<p>Please "
-      "<a href=\"http://sourceforge.net/tracker/?group_id=11118&amp;atid=111118\">"
+      "<a href=\"https://sourceforge.net/p/ijbswa/bugs/\">"
       "file a bug report</a>.</p>\n"
       "</body>\n"
       "</html>\n";
@@ -2216,11 +2219,7 @@ struct map *default_exports(const struct client_state *csp, const char *caller)
    if (!err) err = map(exports, "homepage",      1, html_encode(HOME_PAGE_URL), 0);
    if (!err)
    {
-      err = map(exports, "default-cgi",   1, html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
-        client_use_ssl(csp) ? CGI_PREFIX_HTTPS :
-#endif
-        CGI_PREFIX), 0);
+      err = map(exports, "default-cgi",   1, html_encode(CGI_PREFIX), 0);
    }
    if (!err) err = map(exports, "menu",          1, make_menu(csp, caller), 0);
    if (!err) err = map(exports, "code-status",   1, CODE_STATUS, 1);
@@ -2235,11 +2234,7 @@ struct map *default_exports(const struct client_state *csp, const char *caller)
       /* Manual is delivered by Privoxy. */
       if (!err)
       {
-         err = map(exports, "user-manual", 1, html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
-           client_use_ssl(csp) ? CGI_PREFIX_HTTPS"user-manual/" :
-#endif
-           CGI_PREFIX"user-manual/"), 0);
+         err = map(exports, "user-manual", 1, html_encode(CGI_PREFIX"user-manual/"), 0);
       }
    }
    if (!err) err = map(exports, "actions-help-prefix", 1, ACTIONS_HELP_PREFIX ,1);
@@ -2457,11 +2452,7 @@ char *make_menu(const struct client_state *csp, const char *self)
           * the "blocked" template's JavaScript.
           */
          string_append(&result, "<li><a href=\"");
-         html_encoded_prefix = html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
-            client_use_ssl(csp) ? CGI_PREFIX_HTTPS :
-#endif
-            CGI_PREFIX);
+         html_encoded_prefix = html_encode(CGI_PREFIX);
          if (html_encoded_prefix == NULL)
          {
             return NULL;