X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=cgisimple.c;h=53634c800c5756ebebfe26d31b23536473aabff1;hp=851e0fc96dcde3576804a6cefc27149e4fd6c651;hb=8cf4267e59676eef748fe267e74baf3e05e3c9f1;hpb=297e12904dcb3ec64e43663ddd2f8976adf71549
diff --git a/cgisimple.c b/cgisimple.c
index 851e0fc9..53634c80 100644
--- a/cgisimple.c
+++ b/cgisimple.c
@@ -1,4 +1,4 @@
-const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.7 2001/10/23 21:48:19 jongfoster Exp $";
+const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.12 2002/01/23 01:03:32 jongfoster Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/cgisimple.c,v $
@@ -36,6 +36,27 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.7 2001/10/23 21:48:19 jongfos
*
* Revisions :
* $Log: cgisimple.c,v $
+ * Revision 1.12 2002/01/23 01:03:32 jongfoster
+ * Fixing gcc [CygWin] compiler warnings
+ *
+ * Revision 1.11 2002/01/23 00:01:04 jongfoster
+ * Adding cgi_transparent_gif() for http://i.j.b/t
+ * Adding missing html_encode() to many CGI functions.
+ * Adding urlmatch.[ch] to http://i.j.b/show-version
+ *
+ * Revision 1.10 2002/01/17 21:10:37 jongfoster
+ * Changes to cgi_show_url_info to use new matching code from urlmatch.c.
+ * Also fixing a problem in the same function with improperly quoted URLs
+ * in output HTML, and adding code to handle https:// URLs correctly.
+ *
+ * Revision 1.9 2001/11/30 23:09:15 jongfoster
+ * Now reports on FEATURE_CGI_EDIT_ACTIONS
+ * Removing FEATURE_DENY_GZIP from template
+ *
+ * Revision 1.8 2001/11/13 00:14:07 jongfoster
+ * Fixing stupid bug now I've figured out what || means.
+ * (It always returns 0 or 1, not one of it's paramaters.)
+ *
* Revision 1.7 2001/10/23 21:48:19 jongfoster
* Cleaning up error handling in CGI functions - they now send back
* a HTML error page and should never cause a FATAL error. (Fixes one
@@ -94,6 +115,7 @@ const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.7 2001/10/23 21:48:19 jongfos
#include "miscutil.h"
#include "loadcfg.h"
#include "parsers.h"
+#include "urlmatch.h"
const char cgisimple_h_rcs[] = CGISIMPLE_H_VERSION;
@@ -127,7 +149,6 @@ jb_err cgi_default(struct client_state *csp,
struct http_response *rsp,
const struct map *parameters)
{
- char *p;
char *tmp;
struct map *exports;
@@ -143,15 +164,9 @@ jb_err cgi_default(struct client_state *csp,
/* If there were other parameters, export a dump as "cgi-parameters" */
if (parameters->first)
{
- if (NULL == (p = dump_map(parameters)))
- {
- free_map(exports);
- return JB_ERR_MEMORY;
- }
tmp = strdup("What made you think this cgi takes parameters?\n"
"Anyway, here they are, in case you're interested:
\n");
- string_append(&tmp, p);
- free(p);
+ string_join(&tmp, dump_map(parameters));
if (tmp == NULL)
{
free_map(exports);
@@ -267,18 +282,19 @@ jb_err cgi_show_request(struct client_state *csp,
* be sending to the server if this wasn't a CGI call
*/
- if (map(exports, "client-request", 1, csp->iob->buf, 1))
+ if (map(exports, "client-request", 1, html_encode(csp->iob->buf), 0))
{
free_map(exports);
return JB_ERR_MEMORY;
}
- if (map(exports, "processed-request", 1, sed(client_patterns, add_client_headers, csp), 0))
+ if (map(exports, "processed-request", 1, html_encode_and_free_original(
+ sed(client_patterns, add_client_headers, csp)), 0))
{
free_map(exports);
return JB_ERR_MEMORY;
}
-
+
return template_fill_for_cgi(csp, "show-request", exports, rsp);
}
@@ -295,8 +311,10 @@ jb_err cgi_show_request(struct client_state *csp,
* 3 : parameters = map of cgi parameters
*
* CGI Parameters :
- * type : Selects the type of banner between "trans" and "jb".
- * Defaults to "jb" if absent or != "trans".
+ * type : Selects the type of banner between "trans", "logo",
+ * and "auto". Defaults to "logo" if absent or invalid.
+ * "auto" means to select as if we were image-blocking.
+ * (Only the first character really counts).
*
* Returns : JB_ERR_OK on success
* JB_ERR_MEMORY on out-of-memory error.
@@ -305,8 +323,29 @@ jb_err cgi_show_request(struct client_state *csp,
jb_err cgi_send_banner(struct client_state *csp,
struct http_response *rsp,
const struct map *parameters)
-{
- if (strcmp(lookup(parameters, "type"), "trans"))
+{
+ char imagetype = lookup(parameters, "type")[0];
+
+ if (imagetype == 'a') /* auto */
+ {
+ /* Default to logo */
+ imagetype = 'l';
+#ifdef FEATURE_IMAGE_BLOCKING
+ if ((csp->action->flags & ACTION_IMAGE_BLOCKER) != 0)
+ {
+ /* determine HOW images should be blocked */
+ const char * p = csp->action->string[ACTION_STRING_IMAGE_BLOCKER];
+
+ /* and handle accordingly: */
+ if ((p != NULL) && (0 == strcmpic(p, "blank")))
+ {
+ imagetype = 't';
+ }
+ }
+#endif /* def FEATURE_IMAGE_BLOCKING */
+ }
+
+ if ((imagetype != 't') && (imagetype != 'b')) /* transparant/blank */
{
rsp->body = bindup(image_junkbuster_gif_data, image_junkbuster_gif_length);
rsp->content_length = image_junkbuster_gif_length;
@@ -334,6 +373,47 @@ jb_err cgi_send_banner(struct client_state *csp,
}
+/*********************************************************************
+ *
+ * Function : cgi_transparent_gif
+ *
+ * Description : CGI function that sends a 1x1 transparent GIF.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : rsp = http_response data structure for output
+ * 3 : parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns : JB_ERR_OK on success
+ * JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_transparent_gif(struct client_state *csp,
+ struct http_response *rsp,
+ const struct map *parameters)
+{
+ rsp->body = bindup(image_blank_gif_data, image_blank_gif_length);
+ rsp->content_length = image_blank_gif_length;
+
+ if (rsp->body == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ if (enlist(rsp->headers, "Content-Type: image/gif"))
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ rsp->is_static = 1;
+
+ return JB_ERR_OK;
+
+}
+
+
/*********************************************************************
*
* Function : cgi_show_version
@@ -410,7 +490,6 @@ jb_err cgi_show_status(struct client_state *csp,
FILE * fp;
char buf[BUFFER_SIZE];
- char * p;
const char * filename = NULL;
char * file_description = NULL;
#ifdef FEATURE_STATISTICS
@@ -482,13 +561,8 @@ jb_err cgi_show_status(struct client_state *csp,
s = strdup("");
while ((s != NULL) && fgets(buf, sizeof(buf), fp))
{
- p = html_encode(buf);
- if (p)
- {
- string_append(&s, p);
- freez(p);
- string_append(&s, "
");
- }
+ string_join (&s, html_encode(buf));
+ string_append(&s, "
");
}
fclose(fp);
@@ -502,16 +576,16 @@ jb_err cgi_show_status(struct client_state *csp,
return template_fill_for_cgi(csp, "show-status-file", exports, rsp);
}
- if (map(exports, "redirect-url", 1, REDIRECT_URL, 1))
+ if (map(exports, "redirect-url", 1, html_encode(REDIRECT_URL), 0))
{
free_map(exports);
return JB_ERR_MEMORY;
}
s = strdup("");
- for (i=0; i < Argc; i++)
+ for (i = 0; (s != NULL) && (i < Argc); i++)
{
- string_append(&s, Argv[i]);
+ string_join (&s, html_encode(Argv[i]));
string_append(&s, " ");
}
if (map(exports, "invocation", 1, s, 0))
@@ -564,7 +638,7 @@ jb_err cgi_show_status(struct client_state *csp,
if (csp->actions_list)
{
- if (!err) err = map(exports, "actions-filename", 1, csp->actions_list->filename, 1);
+ if (!err) err = map(exports, "actions-filename", 1, html_encode(csp->actions_list->filename), 0);
}
else
{
@@ -573,7 +647,7 @@ jb_err cgi_show_status(struct client_state *csp,
if (csp->rlist)
{
- if (!err) err = map(exports, "re-filter-filename", 1, csp->rlist->filename, 1);
+ if (!err) err = map(exports, "re-filter-filename", 1, html_encode(csp->rlist->filename), 0);
}
else
{
@@ -583,7 +657,7 @@ jb_err cgi_show_status(struct client_state *csp,
#ifdef FEATURE_TRUST
if (csp->tlist)
{
- if (!err) err = map(exports, "trust-filename", 1, csp->tlist->filename, 1);
+ if (!err) err = map(exports, "trust-filename", 1, html_encode(csp->tlist->filename), 0);
}
else
{
@@ -630,8 +704,7 @@ jb_err cgi_show_url_info(struct client_state *csp,
struct http_response *rsp,
const struct map *parameters)
{
- const char *url_param_const;
- char *host = NULL;
+ char *url_param;
struct map *exports;
assert(csp);
@@ -643,9 +716,72 @@ jb_err cgi_show_url_info(struct client_state *csp,
return JB_ERR_MEMORY;
}
- url_param_const = lookup(parameters, "url");
- if (*url_param_const == '\0')
+ /*
+ * Get the url= parameter (if present) and remove any leading/trailing spaces.
+ */
+ url_param = strdup(lookup(parameters, "url"));
+ if (url_param == NULL)
+ {
+ free_map(exports);
+ return JB_ERR_MEMORY;
+ }
+ chomp(url_param);
+
+ /*
+ * Handle prefixes. 4 possibilities:
+ * 1) "http://" or "https://" prefix present and followed by URL - OK
+ * 2) Only the "http://" or "https://" part is present, no URL - change
+ * to empty string so it will be detected later as "no URL".
+ * 3) Parameter specified but doesn't contain "http(s?)://" - add a
+ * "http://" prefix.
+ * 4) Parameter not specified or is empty string - let this fall through
+ * for now, next block of code will handle it.
+ */
+ if (0 == strncmp(url_param, "http://", 7))
+ {
+ if (url_param[7] == '\0')
+ {
+ /*
+ * Empty URL (just prefix).
+ * Make it totally empty so it's caught by the next if()
+ */
+ url_param[0] = '\0';
+ }
+ }
+ else if (0 == strncmp(url_param, "https://", 8))
+ {
+ if (url_param[8] == '\0')
+ {
+ /*
+ * Empty URL (just prefix).
+ * Make it totally empty so it's caught by the next if()
+ */
+ url_param[0] = '\0';
+ }
+ }
+ else if (url_param[0] != '\0')
+ {
+ /*
+ * Unknown prefix - assume http://
+ */
+ char * url_param_prefixed = malloc(7 + 1 + strlen(url_param));
+ if (NULL == url_param_prefixed)
+ {
+ free(url_param);
+ free_map(exports);
+ return JB_ERR_MEMORY;
+ }
+ strcpy(url_param_prefixed, "http://");
+ strcpy(url_param_prefixed + 7, url_param);
+ free(url_param);
+ url_param = url_param_prefixed;
+ }
+
+
+ if (url_param[0] == '\0')
{
+ /* URL paramater not specified, display query form only. */
+ free(url_param);
if (map_block_killer(exports, "url-given")
|| map(exports, "url", 1, "", 1))
{
@@ -655,28 +791,17 @@ jb_err cgi_show_url_info(struct client_state *csp,
}
else
{
- char *url_param;
+ /* Given a URL, so query it. */
+ jb_err err;
char *matches;
- char *path;
char *s;
- int port = 80;
int hits = 0;
struct file_list *fl;
struct url_actions *b;
- struct url_spec url[1];
+ struct http_request url_to_query[1];
struct current_action_spec action[1];
- if (NULL == (url_param = strdup(url_param_const)))
- {
- free_map(exports);
- return JB_ERR_MEMORY;
- }
-
- host = url_param;
- host += (strncmp(url_param, "http://", 7)) ? 0 : 7;
-
- if (map(exports, "url", 1, host, 1)
- || map(exports, "url-html", 1, html_encode(host), 0))
+ if (map(exports, "url", 1, html_encode(url_param), 0))
{
free(url_param);
free_map(exports);
@@ -685,8 +810,8 @@ jb_err cgi_show_url_info(struct client_state *csp,
init_current_action(action);
- s = current_action_to_text(action);
- if (map(exports, "default", 1, s , 0))
+ if (map(exports, "default", 1, html_encode_and_free_original(
+ current_action_to_text(action)), 0))
{
free_current_action(action);
free(url_param);
@@ -696,10 +821,8 @@ jb_err cgi_show_url_info(struct client_state *csp,
if (((fl = csp->actions_list) == NULL) || ((b = fl->f) == NULL))
{
- jb_err err;
-
- err = map(exports, "matches", 1, "none" , 1)
- || map(exports, "final", 1, lookup(exports, "default"), 1);
+ err = map(exports, "matches", 1, "none" , 1);
+ if (!err) err = map(exports, "final", 1, lookup(exports, "default"), 1);
free_current_action(action);
free(url_param);
@@ -713,44 +836,23 @@ jb_err cgi_show_url_info(struct client_state *csp,
return template_fill_for_cgi(csp, "show-url-info", exports, rsp);
}
- s = strchr(host, '/');
- if (s != NULL)
- {
- path = strdup(s);
- *s = '\0';
- }
- else
- {
- path = strdup("");
- }
- if (NULL == path)
+ err = parse_http_url(url_param, url_to_query, csp);
+
+ free(url_param);
+
+ if (err == JB_ERR_MEMORY)
{
free_current_action(action);
- free(url_param);
free_map(exports);
return JB_ERR_MEMORY;
}
-
- s = strchr(host, ':');
- if (s != NULL)
+ else if (err)
{
- *s++ = '\0';
- port = atoi(s);
- s = NULL;
- }
+ /* Invalid URL */
- *url = dsplit(host);
+ err = map(exports, "matches", 1, "[Invalid URL specified!]" , 1);
+ if (!err) err = map(exports, "final", 1, lookup(exports, "default"), 1);
- /* if splitting the domain fails, punt */
- if (url->dbuf == NULL)
- {
- jb_err err;
-
- err = map(exports, "matches", 1, "none" , 1)
- || map(exports, "final", 1, lookup(exports, "default"), 1);
-
- freez(url_param);
- freez(path);
free_current_action(action);
if (err)
@@ -762,53 +864,45 @@ jb_err cgi_show_url_info(struct client_state *csp,
return template_fill_for_cgi(csp, "show-url-info", exports, rsp);
}
+ /*
+ * We have a warning about SSL paths. Hide it for insecure sites.
+ */
+ if (!url_to_query->ssl)
+ {
+ if (map_block_killer(exports, "https"))
+ {
+ free_current_action(action);
+ free_map(exports);
+ return JB_ERR_MEMORY;
+ }
+ }
+
matches = strdup("");
- for (b = b->next; NULL != b; b = b->next)
+ for (b = b->next; (b != NULL) && (matches != NULL); b = b->next)
{
- if ((b->url->port == 0) || (b->url->port == port))
+ if (url_match(b->url, url_to_query))
{
- if ((b->url->domain[0] == '\0') || (domaincmp(b->url, url) == 0))
+ string_append(&matches, "{");
+ string_join (&matches, html_encode_and_free_original(
+ actions_to_text(b->action)));
+ string_append(&matches, " }
\n");
+ string_join (&matches, html_encode(b->url->spec));
+ string_append(&matches, "
\n
\n");
+
+ if (merge_current_action(action, b->action))
{
- if ((b->url->path == NULL) ||
-#ifdef REGEX
- (regexec(b->url->preg, path, 0, NULL, 0) == 0)
-#else
- (strncmp(b->url->path, path, b->url->pathlen) == 0)
-#endif
- )
- {
- s = actions_to_text(b->action);
- if (s == NULL)
- {
- freez(url->dbuf);
- freez(url->dvec);
-
- free(url_param);
- free(path);
- free_current_action(action);
- free_map(exports);
- return JB_ERR_MEMORY;
- }
- string_append(&matches, "{");
- string_append(&matches, s);
- string_append(&matches, " }
\n");
- string_append(&matches, b->url->spec);
- string_append(&matches, "
\n
\n");
- free(s);
-
- merge_current_action(action, b->action); /* FIXME: Add error checking */
- hits++;
- }
+ freez(matches);
+ free_http_request(url_to_query);
+ free_current_action(action);
+ free_map(exports);
+ return JB_ERR_MEMORY;
}
+ hits++;
}
}
- freez(url->dbuf);
- freez(url->dvec);
-
- free(url_param);
- free(path);
+ free_http_request(url_to_query);
if (matches == NULL)
{
@@ -829,7 +923,7 @@ jb_err cgi_show_url_info(struct client_state *csp,
return JB_ERR_MEMORY;
}
- s = current_action_to_text(action);
+ s = html_encode_and_free_original(current_action_to_text(action));
free_current_action(action);
@@ -916,6 +1010,12 @@ static jb_err show_defines(struct map *exports)
if (!err) err = map_conditional(exports, "FEATURE_ACL", 0);
#endif /* ndef FEATURE_ACL */
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+ if (!err) err = map_conditional(exports, "FEATURE_CGI_EDIT_ACTIONS", 1);
+#else /* ifndef FEATURE_COOKIE_JAR */
+ if (!err) err = map_conditional(exports, "FEATURE_CGI_EDIT_ACTIONS", 0);
+#endif /* ndef FEATURE_COOKIE_JAR */
+
#ifdef FEATURE_COOKIE_JAR
if (!err) err = map_conditional(exports, "FEATURE_COOKIE_JAR", 1);
#else /* ifndef FEATURE_COOKIE_JAR */
@@ -1085,6 +1185,8 @@ static char *show_rcs(void)
SHOW_RCS(project_h_rcs)
SHOW_RCS(ssplit_h_rcs)
SHOW_RCS(ssplit_rcs)
+ SHOW_RCS(urlmatch_h_rcs)
+ SHOW_RCS(urlmatch_rcs)
#ifdef _WIN32
#ifndef _WIN_CONSOLE
SHOW_RCS(w32log_h_rcs)