* This only contains the framework functions, the
* actual handler functions are declared elsewhere.
*
- * Copyright : Written by and Copyright (C) 2001-2020
+ * Copyright : Written by and Copyright (C) 2001-2021
* members of the Privoxy team. https://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
*/
{ "client-tags",
cgi_show_client_tags,
- "View or toggle the tags that can be set based on the clients address",
+ "View or toggle the tags that can be set based on the client's address",
TRUE },
#endif
{ "show-request",
{ "user-manual",
cgi_send_user_manual,
NULL, TRUE /* Send user-manual */ },
+ { "wpad.dat",
+ cgi_send_wpad,
+ NULL, TRUE /* Send wpad.dat proxy autoconfiguration file */ },
{ NULL, /* NULL Indicates end of list and default page */
cgi_error_404,
NULL, TRUE /* Unknown CGI page */ }
log_error(LOG_LEVEL_ERROR, "Denying access to %s. No referrer found.",
csp->http->url);
}
- else if ((0 == strncmp(referrer, CGI_PREFIX, sizeof(CGI_PREFIX)-1))
+ else if ((0 == strncmp(referrer, CGI_PREFIX_HTTP, sizeof(CGI_PREFIX_HTTP)-1))
#ifdef FEATURE_HTTPS_INSPECTION
|| (0 == strncmp(referrer, CGI_PREFIX_HTTPS, sizeof(CGI_PREFIX_HTTPS)-1))
|| (0 == strncmp(referrer, alt_prefix_https, strlen(alt_prefix_https)))
*query_args_start++ = '\0';
param_list = new_map();
err = map(param_list, "file", 1, url_decode(query_args_start), 0);
- if (JB_ERR_OK != err) {
+ if (JB_ERR_OK != err)
+ {
free(param_list);
free(path_copy);
return cgi_error_memory();
* The same hack is used in get_last_url() so it looks like
* a real solution is needed.
*/
- size_t max_segments = strlen(argstring) / 2;
- if (max_segments == 0)
- {
- /*
- * XXX: If the argstring is empty, there's really
- * no point in creating a param list, but currently
- * other parts of Privoxy depend on the list's existence.
- */
- max_segments = 1;
- }
+ size_t max_segments = strlen(argstring) / 2 + 1;
vector = malloc_or_die(max_segments * sizeof(char *));
cgi_params = new_map();
").</p>\n"
"</body>\n"
"</html>\n";
- const size_t body_size = strlen(body_prefix) + strlen(template_name) + strlen(body_suffix) + 1;
+ size_t body_size = strlen(body_prefix) + strlen(body_suffix) + 1;
+ const char *encoded_template_name;
assert(csp);
assert(rsp);
rsp->head_length = 0;
rsp->is_static = 0;
+ encoded_template_name = html_encode(template_name);
+ if (encoded_template_name == NULL)
+ {
+ return JB_ERR_MEMORY;
+ }
+
+ body_size += strlen(encoded_template_name);
rsp->body = malloc_or_die(body_size);
strlcpy(rsp->body, body_prefix, body_size);
- strlcat(rsp->body, template_name, body_size);
+ strlcat(rsp->body, encoded_template_name, body_size);
+ freez(encoded_template_name);
strlcat(rsp->body, body_suffix, body_size);
rsp->status = strdup(status);
static const char body_suffix[] =
"</b></p>\n"
"<p>Please "
- "<a href=\"http://sourceforge.net/tracker/?group_id=11118&atid=111118\">"
+ "<a href=\"https://sourceforge.net/p/ijbswa/bugs/\">"
"file a bug report</a>.</p>\n"
"</body>\n"
"</html>\n";
(Bytef *)buffer, *buffer_length, compression_level))
{
log_error(LOG_LEVEL_ERROR,
- "compress2() failed. Buffer size: %d, compression level: %d.",
+ "compress2() failed. Buffer size: %lu, compression level: %d.",
new_length, compression_level);
freez(compressed_buffer);
return NULL;
}
log_error(LOG_LEVEL_RE_FILTER,
- "Compressed content from %d to %d bytes. Compression level: %d",
+ "Compressed content from %lu to %lu bytes. Compression level: %d",
*buffer_length, new_length, compression_level);
*buffer_length = (size_t)new_length;
char buf[BUFFER_SIZE];
char *tmp_out_buffer;
char *file_buffer;
- size_t size;
+ size_t buffer_size, new_size;
int error;
const char *flags;
assert(exports);
file_buffer = *template_ptr;
- size = strlen(file_buffer) + 1;
+ buffer_size = strlen(file_buffer) + 1;
/*
* Assemble pcrs joblist from exports map
}
else
{
- error = pcrs_execute(job, file_buffer, size, &tmp_out_buffer, &size);
+ error = pcrs_execute(job, file_buffer, buffer_size, &tmp_out_buffer,
+ &new_size);
+
+ buffer_size = new_size;
pcrs_free_job(job);
if (NULL == tmp_out_buffer)
if (!err) err = map(exports, "homepage", 1, html_encode(HOME_PAGE_URL), 0);
if (!err)
{
- err = map(exports, "default-cgi", 1, html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
- client_use_ssl(csp) ? CGI_PREFIX_HTTPS :
-#endif
- CGI_PREFIX), 0);
+ err = map(exports, "default-cgi", 1, html_encode(CGI_PREFIX), 0);
}
if (!err) err = map(exports, "menu", 1, make_menu(csp, caller), 0);
if (!err) err = map(exports, "code-status", 1, CODE_STATUS, 1);
/* Manual is delivered by Privoxy. */
if (!err)
{
- err = map(exports, "user-manual", 1, html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
- client_use_ssl(csp) ? CGI_PREFIX_HTTPS"user-manual/" :
-#endif
- CGI_PREFIX"user-manual/"), 0);
+ err = map(exports, "user-manual", 1, html_encode(CGI_PREFIX"user-manual/"), 0);
}
}
if (!err) err = map(exports, "actions-help-prefix", 1, ACTIONS_HELP_PREFIX ,1);
* the "blocked" template's JavaScript.
*/
string_append(&result, "<li><a href=\"");
- html_encoded_prefix = html_encode(
-#ifdef FEATURE_HTTPS_INSPECTION
- client_use_ssl(csp) ? CGI_PREFIX_HTTPS :
-#endif
- CGI_PREFIX);
+ html_encoded_prefix = html_encode(CGI_PREFIX);
if (html_encoded_prefix == NULL)
{
return NULL;