X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=cgi.c;h=641af64190cacd041c6f01b3259efaf7442a19b3;hp=7ad60170ec1aee5bd2c7cf3b8913a60526af209c;hb=e37a59aca86ce1f33b5979f7456084b11919b3b7;hpb=fc38802c68b57157c6e3c763d15dbd9f8e85e170 diff --git a/cgi.c b/cgi.c index 7ad60170..641af641 100644 --- a/cgi.c +++ b/cgi.c @@ -1,4 +1,4 @@ -const char cgi_rcs[] = "$Id: cgi.c,v 1.34 2001/10/18 22:22:09 david__schmidt Exp $"; +const char cgi_rcs[] = "$Id: cgi.c,v 1.44 2002/03/05 22:43:45 david__schmidt Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/cgi.c,v $ @@ -38,10 +38,66 @@ const char cgi_rcs[] = "$Id: cgi.c,v 1.34 2001/10/18 22:22:09 david__schmidt Exp * * Revisions : * $Log: cgi.c,v $ + * Revision 1.44 2002/03/05 22:43:45 david__schmidt + * - Better error reporting on OS/2 + * - Fix double-slash comment (oops) + * + * Revision 1.43 2002/03/05 21:33:45 david__schmidt + * - Re-enable OS/2 building after new parms were added + * - Fix false out of memory report when resolving CGI templates when no IP + * address is available of failed attempt (a la no such domain) + * + * Revision 1.42 2002/01/21 00:33:20 jongfoster + * Replacing strsav() with the safer string_append() or string_join(). + * Adding map_block_keep() to save a few bytes in the edit-actions-list HTML. + * Adding missing html_encode() to error message generators. + * Adding edit-actions-section-swap and many "shortcuts" to the list of CGIs. + * + * Revision 1.41 2002/01/17 20:56:22 jongfoster + * Replacing hard references to the URL of the config interface + * with #defines from project.h + * + * Revision 1.40 2002/01/09 14:26:46 oes + * Added support for thread-safe gmtime_r call. + * + * Revision 1.39 2001/11/16 00:48:13 jongfoster + * Fixing a compiler warning + * + * Revision 1.38 2001/11/13 00:31:21 jongfoster + * - Adding new CGIs for use by non-JavaScript browsers: + * edit-actions-url-form + * edit-actions-add-url-form + * edit-actions-remove-url-form + * - Fixing make_menu()'s HTML generation - it now quotes the href parameter. + * - Fixing || bug. + * + * Revision 1.37 2001/11/01 14:28:47 david__schmidt + * Show enablement/disablement status in almost all templates. + * There is a little trickiness here: apparent recursive resolution of + * @if-enabled-then@ caused the toggle template to show status out-of-phase with + * the actual enablement status. So a similar construct, + * @if-enabled-display-then@, is used to resolve the status display on non-'toggle' + * templates. + * + * Revision 1.36 2001/10/26 17:33:27 oes + * marginal bugfix + * + * Revision 1.35 2001/10/23 21:48:19 jongfoster + * Cleaning up error handling in CGI functions - they now send back + * a HTML error page and should never cause a FATAL error. (Fixes one + * potential source of "denial of service" attacks). + * + * CGI actions file editor that works and is actually useful. + * + * Ability to toggle JunkBuster remotely using a CGI call. + * + * You can turn off both the above features in the main configuration + * file, e.g. if you are running a multi-user proxy. + * * Revision 1.34 2001/10/18 22:22:09 david__schmidt * Only show "Local support" on templates conditionally: * - if either 'admin-address' or 'proxy-info-url' are uncommented in config - * - if not, no Local support section appears are removed automatically + * - if not, no Local support section appears * * Revision 1.33 2001/10/14 22:28:41 jongfoster * Fixing stupid typo. @@ -250,6 +306,8 @@ const char cgi_rcs[] = "$Id: cgi.c,v 1.34 2001/10/18 22:22:09 david__schmidt Exp #ifdef FEATURE_CGI_EDIT_ACTIONS #include "cgiedit.h" #endif /* def FEATURE_CGI_EDIT_ACTIONS */ +#include "loadcfg.h" +/* loadcfg.h is for g_bToggleIJB only */ const char cgi_h_rcs[] = CGI_H_VERSION; @@ -269,16 +327,36 @@ static const struct cgi_dispatcher cgi_dispatchers[] = { { "show-url-info", cgi_show_url_info, "Show which actions apply to a URL and why" }, -#ifdef FEATURE_CGI_EDIT_ACTIONS { "toggle", cgi_toggle, "Toggle JunkBuster on or off" }, +#ifdef FEATURE_CGI_EDIT_ACTIONS { "edit-actions", cgi_edit_actions, "Edit the actions list" }, -#endif /* def FEATURE_CGI_EDIT_ACTIONS */ -#ifdef FEATURE_CGI_EDIT_ACTIONS + + { "eaa", /* Shortcut for edit-actions-add-url-form */ + cgi_edit_actions_add_url_form, + NULL }, + { "eau", /* Shortcut for edit-actions-url-form */ + cgi_edit_actions_url_form, + NULL }, + { "ear", /* Shortcut for edit-actions-remove-url-form */ + cgi_edit_actions_remove_url_form, + NULL }, + { "eas", /* Shortcut for edit-actions-for-url */ + cgi_edit_actions_for_url, + NULL }, + { "easa", /* Shortcut for edit-actions-section-add */ + cgi_edit_actions_section_add, + NULL }, + { "easr", /* Shortcut for edit-actions-section-remove */ + cgi_edit_actions_section_remove, + NULL }, + { "eass", /* Shortcut for edit-actions-section-swap */ + cgi_edit_actions_section_swap, + NULL }, { "edit-actions-for-url", cgi_edit_actions_for_url, NULL /* Edit the actions for (a) specified URL(s) */ }, @@ -291,18 +369,30 @@ static const struct cgi_dispatcher cgi_dispatchers[] = { { "edit-actions-url", cgi_edit_actions_url, NULL /* Change a URL pattern in the actionsfile */ }, + { "edit-actions-url-form", + cgi_edit_actions_url_form, + NULL /* Form to change a URL pattern in the actionsfile */ }, { "edit-actions-add-url", cgi_edit_actions_add_url, NULL /* Add a URL pattern to the actionsfile */ }, + { "edit-actions-add-url-form", + cgi_edit_actions_add_url_form, + NULL /* Form to add a URL pattern to the actionsfile */ }, { "edit-actions-remove-url", cgi_edit_actions_remove_url, - NULL /* Add a URL pattern to the actionsfile */ }, - { "edit-actions-section-remove", - cgi_edit_actions_section_remove, - NULL /* Remove a section from the actionsfile */ }, + NULL /* Remove a URL pattern from the actionsfile */ }, + { "edit-actions-remove-url-form", + cgi_edit_actions_remove_url_form, + NULL /* Form to remove a URL pattern from the actionsfile */ }, { "edit-actions-section-add", cgi_edit_actions_section_add, NULL /* Remove a section from the actionsfile */ }, + { "edit-actions-section-remove", + cgi_edit_actions_section_remove, + NULL /* Remove a section from the actionsfile */ }, + { "edit-actions-section-swap", + cgi_edit_actions_section_swap, + NULL /* Swap two sections in the actionsfile */ }, #endif /* def FEATURE_CGI_EDIT_ACTIONS */ { "robots.txt", cgi_robots_txt, @@ -310,6 +400,9 @@ static const struct cgi_dispatcher cgi_dispatchers[] = { { "send-banner", cgi_send_banner, NULL /* Send the transparent or \"Junkbuster\" gif */ }, + { "t", + cgi_transparent_gif, + NULL /* Send a transparent gif (short name) */ }, { NULL, /* NULL Indicates end of list and default page */ cgi_error_404, NULL /* Unknown CGI page */ } @@ -349,14 +442,17 @@ static struct http_response cgi_error_memory_response[1]; static struct http_response *dispatch_known_cgi(struct client_state * csp, const char * path); +static struct map *parse_cgi_parameters(char *argstring); /********************************************************************* * * Function : dispatch_cgi * - * Description : Checks if a request URL has either the magical hostname - * i.j.b or matches HOME_PAGE_URL/config/. If so, it passes + * Description : Checks if a request URL has either the magical + * hostname CGI_SITE_1_HOST (usully http://i.j.b/) or + * matches CGI_SITE_2_HOST CGI_SITE_2_PATH (usually + * http://ijbswa.sourceforge.net/config). If so, it passes * the (rest of the) path onto dispatch_known_cgi, which * calls the relevant CGI handler function. * @@ -375,27 +471,34 @@ struct http_response *dispatch_cgi(struct client_state *csp) * Should we intercept ? */ - /* Either the host matches CGI_PREFIX_HOST ..*/ - if ( (0 == strcmpic(host, CGI_PREFIX_HOST)) + /* Note: "example.com" and "example.com." are equivalent hostnames. */ + + /* Either the host matches CGI_SITE_1_HOST ..*/ + if ( ( (0 == strcmpic(host, CGI_SITE_1_HOST)) + || (0 == strcmpic(host, CGI_SITE_1_HOST "."))) && (path[0] == '/') ) { /* ..then the path will all be for us. Remove leading '/' */ path++; } - /* Or it's the host part HOME_PAGE_URL, and the path /config/ */ - else if ( (0 == strcmpic(host, HOME_PAGE_URL + 7 )) - && (0 == strncmpic(path,"/config", 7)) ) + /* Or it's the host part CGI_SITE_2_HOST, and the path CGI_SITE_2_PATH */ + else if ( ( (0 == strcmpic(host, CGI_SITE_2_HOST )) + || (0 == strcmpic(host, CGI_SITE_2_HOST ".")) ) + && (0 == strncmpic(path, CGI_SITE_2_PATH, strlen(CGI_SITE_2_PATH))) ) { - /* take everything following "/config" */ - path += 7; + /* take everything following CGI_SITE_2_PATH */ + path += strlen(CGI_SITE_2_PATH); if (*path == '/') { - /* skip the forward slash after "/config" */ + /* skip the forward slash after CGI_SITE_2_PATH */ path++; } else if (*path != '\0') { - /* wierdness: URL is /configXXX, where XXX is some string */ + /* + * wierdness: URL is /configXXX, where XXX is some string + * Do *NOT* intercept. + */ return NULL; } } @@ -590,13 +693,20 @@ struct http_response *error_response(struct client_state *csp, return cgi_error_memory(); } - err = map(exports, "host-html", 1, html_encode(csp->http->host), 0) - || map(exports, "hostport", 1, csp->http->hostport, 1) - || map(exports, "hostport-html", 1, html_encode(csp->http->hostport), 0) - || map(exports, "path", 1, csp->http->path, 1) - || map(exports, "path-html", 1, html_encode(csp->http->path), 0) - || map(exports, "error", 1, safe_strerror(sys_err), 0) - || map(exports, "host-ip", 1, csp->http->host_ip_addr_str, 1); + err = map(exports, "host", 1, html_encode(csp->http->host), 0); + if (!err) err = map(exports, "hostport", 1, html_encode(csp->http->hostport), 0); + if (!err) err = map(exports, "path", 1, html_encode(csp->http->path), 0); + if (!err) err = map(exports, "error", 1, html_encode_and_free_original(safe_strerror(sys_err)), 0); + if (!err) + { + err = map(exports, "host-ip", 1, html_encode(csp->http->host_ip_addr_str), 0); + if (err) + { + /* Some failures, like "404 no such domain", don't have an IP address. */ + err = map(exports, "host-ip", 1, html_encode(csp->http->host), 0); + } + } + if (err) { @@ -661,7 +771,7 @@ void cgi_init_error_messages(void) "
JunkBuster ran out of memory whilst processing your request.
\r\n" + "JunkBuster ran out of memory while processing your request.
\r\n" "Please contact your proxy administrator, or try again later
\r\n" "\r\n" "