X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=cgisimple.c;h=22f5dd8b3f7b14b922d349ff4bc979ccd2035aae;hp=3db9ab194e3c4ae0de88c92b272e4f7f110ddf60;hb=f8e10b0e3ce35c32fe782e5871275b27650aa31b;hpb=72081f829de368392d04076728f8c991178c0080 diff --git a/cgisimple.c b/cgisimple.c index 3db9ab19..22f5dd8b 100644 --- a/cgisimple.c +++ b/cgisimple.c @@ -1,7 +1,7 @@ -const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.35.2.7 2006/01/29 23:10:56 david__schmidt Exp $"; +const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.49 2007/01/20 16:29:38 fabiankeil Exp $"; /********************************************************************* * - * File : $Source: /cvsroot/ijbswa/current/Attic/cgisimple.c,v $ + * File : $Source: /cvsroot/ijbswa/current/cgisimple.c,v $ * * Purpose : Simple CGIs to get information about Privoxy's * status. @@ -9,7 +9,7 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.35.2.7 2006/01/29 23:10:56 da * Functions declared include: * * - * Copyright : Written by and Copyright (C) 2001 the SourceForge + * Copyright : Written by and Copyright (C) 2001-2007 the SourceForge * Privoxy team. http://www.privoxy.org/ * * Based on the Internet Junkbuster originally written @@ -36,6 +36,74 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.35.2.7 2006/01/29 23:10:56 da * * Revisions : * $Log: cgisimple.c,v $ + * Revision 1.49 2007/01/20 16:29:38 fabiankeil + * Suppress edit buttons for action files if Privoxy has + * no write access. Suggested by Roland in PR 1564026. + * + * Revision 1.48 2007/01/20 15:31:31 fabiankeil + * Display warning if show-url-info CGI page + * is used while Privoxy is toggled off. + * + * Revision 1.47 2007/01/12 15:07:10 fabiankeil + * Use zalloc in cgi_send_user_manual. + * + * Revision 1.46 2007/01/02 12:49:46 fabiankeil + * Add FEATURE_ZLIB to the list of conditional + * defines at the show-status page. + * + * Revision 1.45 2006/12/28 18:16:41 fabiankeil + * Fixed gcc43 compiler warnings, zero out cgi_send_user_manual's + * body memory before using it, replaced sprintf calls with snprintf. + * + * Revision 1.44 2006/12/22 14:19:27 fabiankeil + * Removed checks whether or not AF_FILES have + * data structures associated with them in cgi_show_status. + * It doesn't matter as we're only interested in the file names. + * + * For the action files the checks were always true, + * but they prevented empty filter files from being + * listed. Fixes parts of BR 1619208. + * + * Revision 1.43 2006/12/17 17:57:56 fabiankeil + * - Added FEATURE_GRACEFUL_TERMINATION to the + * "conditional #defines" section + * - Escaped ampersands in generated HTML. + * - Renamed re-filter-filename to re-filter-filenames + * + * Revision 1.42 2006/11/21 15:43:12 fabiankeil + * Add special treatment for WIN32 to make sure + * cgi_send_user_manual opens the files in binary mode. + * Fixes BR 1600411 and unbreaks image delivery. + * + * Remove outdated comment. + * + * Revision 1.41 2006/10/09 19:18:28 roro + * Redirect http://p.p/user-manual (without trailing slash) to + * http://p.p/user-manual/ (with trailing slash), otherwise links will be broken. + * + * Revision 1.40 2006/09/09 13:05:33 fabiankeil + * Modified cgi_send_user_manual to serve binary + * content without destroying it first. Should also be + * faster now. Added ".jpg" check for Content-Type guessing. + * + * Revision 1.39 2006/09/08 09:49:23 fabiankeil + * Deliver documents in the user-manual directory + * with "Content-Type text/css" if their filename + * ends with ".css". + * + * Revision 1.38 2006/09/06 18:45:03 fabiankeil + * Incorporate modified version of Roland Rosenfeld's patch to + * optionally access the user-manual via Privoxy. Closes patch 679075. + * + * Formatting changed to Privoxy style, added call to + * cgi_error_no_template if the requested file doesn't + * exist and modified check whether or not Privoxy itself + * should serve the manual. Should work cross-platform now. + * + * Revision 1.37 2006/07/18 14:48:45 david__schmidt + * Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch) + * with what was really the latest development (the v_3_0_branch branch) + * * Revision 1.35.2.7 2006/01/29 23:10:56 david__schmidt * Multiple filter file support * @@ -221,6 +289,10 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.35.2.7 2006/01/29 23:10:56 da #include #include +#ifdef HAVE_ACCESS +#include +#endif /* def HAVE_ACCESS */ + #ifdef _WIN32 #define snprintf _snprintf #endif /* def _WIN32 */ @@ -245,6 +317,41 @@ const char cgisimple_h_rcs[] = CGISIMPLE_H_VERSION; static char *show_rcs(void); static jb_err show_defines(struct map *exports); +/* + * 16x16 ico blobs for favicon delivery functions. + */ +const char default_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; +const char error_favicon_data[] = + "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260" + "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000" + "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000" + "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000" + "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077" + "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000" + "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000" + "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036" + "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360" + "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" + "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360" + "\017\000\000"; +const size_t default_favicon_length = sizeof(default_favicon_data) - 1; +const size_t error_favicon_length = sizeof(error_favicon_data) - 1; /********************************************************************* * @@ -607,6 +714,88 @@ jb_err cgi_transparent_image(struct client_state *csp, } +/********************************************************************* + * + * Function : cgi_send_default_favicon + * + * Description : CGI function that sends the standard favicon. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : None + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_send_default_favicon(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + rsp->body = bindup(default_favicon_data, default_favicon_length); + rsp->content_length = default_favicon_length; + + if (rsp->body == NULL) + { + return JB_ERR_MEMORY; + } + + if (enlist(rsp->headers, "Content-Type: image/x-icon")) + { + return JB_ERR_MEMORY; + } + + rsp->is_static = 1; + + return JB_ERR_OK; + +} + + +/********************************************************************* + * + * Function : cgi_send_error_favicon + * + * Description : CGI function that sends the favicon for error pages. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : None + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_send_error_favicon(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + rsp->body = bindup(error_favicon_data, error_favicon_length); + rsp->content_length = error_favicon_length; + + if (rsp->body == NULL) + { + return JB_ERR_MEMORY; + } + + if (enlist(rsp->headers, "Content-Type: image/x-icon")) + { + return JB_ERR_MEMORY; + } + + rsp->is_static = 1; + + return JB_ERR_OK; + +} + + /********************************************************************* * * Function : cgi_send_stylesheet @@ -656,6 +845,129 @@ jb_err cgi_send_stylesheet(struct client_state *csp, return JB_ERR_OK; } +/********************************************************************* + * + * Function : cgi_send_user_manual + * + * Description : CGI function that sends a file in the user + * manual directory. + * + * Parameters : + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : rsp = http_response data structure for output + * 3 : parameters = map of cgi parameters + * + * CGI Parameters : file=name.html, the name of the HTML file + * (relative to user-manual from config) + * + * Returns : JB_ERR_OK on success + * JB_ERR_MEMORY on out-of-memory error. + * + *********************************************************************/ +jb_err cgi_send_user_manual(struct client_state *csp, + struct http_response *rsp, + const struct map *parameters) +{ + const char * filename; + char *full_path; + FILE *fp; + jb_err err = JB_ERR_OK; + size_t length; + + assert(csp); + assert(rsp); + assert(parameters); + + if (!parameters->first) + { + /* requested http://p.p/user-manual (without trailing slash) */ + return cgi_redirect(rsp, CGI_PREFIX "user-manual/"); + } + + get_string_param(parameters, "file", &filename); + /* Check paramter for hack attempts */ + if (filename && strchr(filename, '/')) + { + return JB_ERR_CGI_PARAMS; + } + if (filename && strstr(filename, "..")) + { + return JB_ERR_CGI_PARAMS; + } + + full_path = make_path(csp->config->usermanual, filename ? filename : "index.html"); + if (full_path == NULL) + { + return JB_ERR_MEMORY; + } + + /* Open user-manual file */ +#ifdef WIN32 + /* + * XXX: Do we support other operating systems that + * require special treatment to fopen in binary mode? + */ + if (NULL == (fp = fopen(full_path, "rb"))) +#else + if (NULL == (fp = fopen(full_path, "r"))) +#endif /* def WIN32 */ + { + log_error(LOG_LEVEL_ERROR, "Cannot open user-manual file %s: %E", full_path); + err = cgi_error_no_template(csp, rsp, full_path); + free(full_path); + return err; + } + + /* Get file length */ + fseek(fp, 0, SEEK_END); + length = (size_t)ftell(fp); + fseek(fp, 0, SEEK_SET); + + /* Allocate memory and load the file directly into the body */ + rsp->body = (char *)zalloc(length+1); + if (!rsp->body) + { + fclose(fp); + free(full_path); + return JB_ERR_MEMORY; + } + if (!fread(rsp->body, length, 1, fp)) + { + /* + * This happens if we didn't fopen in binary mode. + * If it does, we just log it and serve what we got. + */ + log_error(LOG_LEVEL_ERROR, "Couldn't completely read user-manual file %s.", full_path); + } + fclose(fp); + free(full_path); + + rsp->content_length = length; + + /* Guess correct Content-Type based on the filename's ending */ + if (filename) + { + length = strlen(filename); + } + else + { + length = 0; + } + if((length>=4) && !strcmp(&filename[length-4], ".css")) + { + err = enlist(rsp->headers, "Content-Type: text/css"); + } + else if((length>=4) && !strcmp(&filename[length-4], ".jpg")) + { + err = enlist(rsp->headers, "Content-Type: image/jpeg"); + } + else + { + err = enlist(rsp->headers, "Content-Type: text/html"); + } + + return err; +} /********************************************************************* @@ -705,7 +1017,7 @@ jb_err cgi_show_version(struct client_state *csp, * * Function : cgi_show_status * - * Description : CGI function that returns a a web page describing the + * Description : CGI function that returns a web page describing the * current status of Privoxy. * * Parameters : @@ -742,8 +1054,6 @@ jb_err cgi_show_status(struct client_state *csp, int local_urls_read; int local_urls_rejected; #endif /* ndef FEATURE_STATISTICS */ - struct file_list * fl; - struct url_actions * b; jb_err err = JB_ERR_OK; struct map *exports; @@ -864,13 +1174,13 @@ jb_err cgi_show_status(struct client_state *csp, perc_rej = (float)local_urls_rejected * 100.0F / (float)local_urls_read; - sprintf(buf, "%d", local_urls_read); + snprintf(buf, sizeof(buf), "%d", local_urls_read); if (!err) err = map(exports, "requests-received", 1, buf, 1); - sprintf(buf, "%d", local_urls_rejected); + snprintf(buf, sizeof(buf), "%d", local_urls_rejected); if (!err) err = map(exports, "requests-blocked", 1, buf, 1); - sprintf(buf, "%6.2f", perc_rej); + snprintf(buf, sizeof(buf), "%6.2f", perc_rej); if (!err) err = map(exports, "percent-blocked", 1, buf, 1); } @@ -887,18 +1197,30 @@ jb_err cgi_show_status(struct client_state *csp, s = strdup(""); for (i = 0; i < MAX_AF_FILES; i++) { - if (((fl = csp->actions_list[i]) != NULL) && ((b = fl->f) != NULL)) + if (csp->actions_list[i] != NULL) { if (!err) err = string_append(&s, ""); if (!err) err = string_join(&s, html_encode(csp->actions_list[i]->filename)); - snprintf(buf, 100, "View", i); + snprintf(buf, 100, "View", i); if (!err) err = string_append(&s, buf); #ifdef FEATURE_CGI_EDIT_ACTIONS if (NULL == strstr(csp->actions_list[i]->filename, "standard.action") && NULL != csp->config->actions_file_short[i]) { - snprintf(buf, 100, "  Edit", csp->config->actions_file_short[i]); - if (!err) err = string_append(&s, buf); +#ifdef HAVE_ACCESS + if (access(csp->config->actions_file[i], W_OK) == 0) + { +#endif /* def HAVE_ACCESS */ + snprintf(buf, 100, "  Edit", + csp->config->actions_file_short[i]); + if (!err) err = string_append(&s, buf); +#ifdef HAVE_ACCESS + } + else + { + if (!err) err = string_append(&s, "  No write access."); + } +#endif /* def HAVE_ACCESS */ } #endif @@ -921,22 +1243,23 @@ jb_err cgi_show_status(struct client_state *csp, s = strdup(""); for (i = 0; i < MAX_AF_FILES; i++) { - if (((fl = csp->rlist[i]) != NULL) && ((b = fl->f) != NULL)) + if (csp->rlist[i] != NULL) { if (!err) err = string_append(&s, ""); if (!err) err = string_join(&s, html_encode(csp->rlist[i]->filename)); - snprintf(buf, 100, "View", i); + snprintf(buf, 100, + "View", i); if (!err) err = string_append(&s, buf); if (!err) err = string_append(&s, "\n"); } } if (*s != '\0') { - if (!err) err = map(exports, "re-filter-filename", 1, s, 0); + if (!err) err = map(exports, "re-filter-filenames", 1, s, 0); } else { - if (!err) err = map(exports, "re-filter-filename", 1, "None specified", 1); + if (!err) err = map(exports, "re-filter-filenames", 1, "None specified", 1); if (!err) err = map_block_killer(exports, "have-filterfile"); } @@ -1065,6 +1388,19 @@ jb_err cgi_show_url_info(struct client_state *csp, url_param = url_param_prefixed; } + /* + * Hide "toggle off" warning if Privoxy is toggled on. + */ + if ( +#ifdef FEATURE_TOGGLE + (global_toggle_state == 1) && +#endif /* def FEATURE_TOGGLE */ + map_block_killer(exports, "privoxy-is-toggled-off") + ) + { + free_map(exports); + return JB_ERR_MEMORY; + } if (url_param[0] == '\0') { @@ -1167,7 +1503,7 @@ jb_err cgi_show_url_info(struct client_state *csp, /* FIXME: Hardcoded HTML! */ string_append(&matches, "In file: "); string_join (&matches, html_encode(csp->config->actions_file_short[i])); - snprintf(buf, 150, ".action ", i); + snprintf(buf, 150, ".action ", i); string_append(&matches, buf); string_append(&matches, "View"); #ifdef FEATURE_CGI_EDIT_ACTIONS @@ -1340,6 +1676,12 @@ static jb_err show_defines(struct map *exports) if (!err) err = map(exports, "FORCE_PREFIX", 1, "(none - disabled)", 1); #endif /* ndef FEATURE_FORCE_LOAD */ +#ifdef FEATURE_GRACEFUL_TERMINATION + if (!err) err = map_conditional(exports, "FEATURE_GRACEFUL_TERMINATION", 1); +#else /* ifndef FEATURE_GRACEFUL_TERMINATION */ + if (!err) err = map_conditional(exports, "FEATURE_GRACEFUL_TERMINATION", 0); +#endif /* ndef FEATURE_GRACEFUL_TERMINATION */ + #ifdef FEATURE_IMAGE_BLOCKING if (!err) err = map_conditional(exports, "FEATURE_IMAGE_BLOCKING", 1); #else /* ifndef FEATURE_IMAGE_BLOCKING */ @@ -1388,6 +1730,12 @@ static jb_err show_defines(struct map *exports) if (!err) err = map_conditional(exports, "FEATURE_TRUST", 0); #endif /* ndef FEATURE_TRUST */ +#ifdef FEATURE_ZLIB + if (!err) err = map_conditional(exports, "FEATURE_ZLIB", 1); +#else /* ifndef FEATURE_ZLIB */ + if (!err) err = map_conditional(exports, "FEATURE_ZLIB", 0); +#endif /* ndef FEATURE_ZLIB */ + #ifdef STATIC_PCRE if (!err) err = map_conditional(exports, "STATIC_PCRE", 1); #else /* ifndef STATIC_PCRE */ @@ -1428,7 +1776,7 @@ static char *show_rcs(void) #define SHOW_RCS(__x) \ { \ extern const char __x[]; \ - sprintf(buf, "%s\n", __x); \ + snprintf(buf, sizeof(buf), " %s\n", __x); \ string_append(&result, buf); \ }