[w3m-dev 03644] Re: Other user can see local cookie.
* cookie.c (save_cookies): return if no_rc_dir * etc.c (tmpf_base): add cookie (tmpfname): use tmp_dir instead of rc_dir * file.c (loadGeneralFile): cookie is not passed via URL * fm.h (TMPF_COOKIE): incl (MAX_TMPF_TYPE): incl (no_rc_dir): added (tmp_dir): added (config_file): added * local.c (Local_cookie_file): added (writeLocalCookie): added (setLocalCookie): dont set environment LOCAL_COOKIE (localcgi_post): writeLocalCookie (localcgi_get): writeLocalCookie * main.c (config_filename): deleted (cmd_loadURL): arg FormList (main): rewrite config_file, rc (ldhelp): no cookie in URL (cmd_loadURL): arg FormList (goURL0): cmd_loadURL change (cmd_loadBuffer): cmd_loadURL change (adBmark): cookie is posted (follow_map): cmd_loadURL change (linkMn): cmd_loadURL change (reinit): init_rc change * proto.h (create_option_search_table): deleted (init_rc): no args * rc.c (create_option_search_table): static (init_rc): no args rewrite (optionpanel_src1): rewrite (load_option_panel): html_quote (panel_set_option): no_rc_dir * w3mbookmark.c: rewrite * w3mhelperpanel.c: rewrite * scripts/dirlist.cgi.in: rewrite * scripts/w3mhelp.cgi.in: rewrite * scripts/w3mmail.cgi.in: rewrite * scripts/multipart/multipart.cgi.in: rewrite From: Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
		@@ -28,24 +28,14 @@ if (defined($query)) {
 | 
			
		||||
	}
 | 
			
		||||
	$file = &form_decode($v{'file'});
 | 
			
		||||
	$boundary = &form_decode($v{'boundary'});
 | 
			
		||||
	$cookie = &form_decode($v{'cookie'});
 | 
			
		||||
	if (($cookie eq "") || ($cookie ne $ENV{"LOCAL_COOKIE"})) {
 | 
			
		||||
		print <<EOF;
 | 
			
		||||
Content-Type: text/plain
 | 
			
		||||
 | 
			
		||||
Local cookie doesn't match: It may be an illegal execution
 | 
			
		||||
EOF
 | 
			
		||||
		exit(1);
 | 
			
		||||
	}
 | 
			
		||||
} else {
 | 
			
		||||
	$file = $ARGV[0];
 | 
			
		||||
	if (@ARGV >= 2) {
 | 
			
		||||
		$boundary = $ARGV[1];
 | 
			
		||||
	}
 | 
			
		||||
	$cookie = $ENV{'LOCAL_COOKIE'};
 | 
			
		||||
}
 | 
			
		||||
 | 
			
		||||
open(F, "< $file");
 | 
			
		||||
(-f $file) || exit(1);
 | 
			
		||||
open(F, "< $file") || exit(1);
 | 
			
		||||
$end = 0;
 | 
			
		||||
$mbody = '';
 | 
			
		||||
if (defined($boundary)) {
 | 
			
		||||
@@ -131,7 +121,6 @@ if (defined($v{'count'})) {
 | 
			
		||||
$qcgi = &html_quote($CGI);
 | 
			
		||||
$qfile = &html_quote($file);
 | 
			
		||||
$qboundary = &html_quote($boundary);
 | 
			
		||||
$qcookie = &html_quote($cookie);
 | 
			
		||||
 | 
			
		||||
if ($mbody =~ /\S/) {
 | 
			
		||||
	$_ = $mbody;
 | 
			
		||||
@@ -196,20 +185,16 @@ while(! $end) {
 | 
			
		||||
		s/\>/\>/g;
 | 
			
		||||
		print "<pre>\n";
 | 
			
		||||
		print $_;
 | 
			
		||||
		print "\n</pre>\n";
 | 
			
		||||
		print "</pre>\n";
 | 
			
		||||
		if ($type =~ /name=\"?([^\"]+)\"?/ ||
 | 
			
		||||
			$dispos =~ /filename=\"?([^\"]+)\"?/) {
 | 
			
		||||
			$name = $1;
 | 
			
		||||
		} else {
 | 
			
		||||
			$name = "Content";
 | 
			
		||||
		}
 | 
			
		||||
		print "<form method=POST action=\"$qcgi?$count\">\n";
 | 
			
		||||
		print "<input type=hidden name=file value=\"$qfile\">\n";
 | 
			
		||||
		print "<input type=hidden name=boundary value=\"$qboundary\">\n";
 | 
			
		||||
		print "<input type=hidden name=cookie value=\"$qcookie\">\n";
 | 
			
		||||
		print "<input type=hidden name=count value=\"$count\">\n";
 | 
			
		||||
		print "<form action=\"$qcgi?file=$qfile&boundary=$qboundary&count=$count\">\n";
 | 
			
		||||
		if ($image) {
 | 
			
		||||
			print "<input type=image name=submit src=\"$CGI?file=$qfile&boundary=$qboundary&cookie=$qcookie&count=$count\" alt=\"",
 | 
			
		||||
			print "<input type=image name=submit src=\"$qcgi?file=$qfile&boundary=$qboundary&count=$count\" alt=\"",
 | 
			
		||||
				&html_quote($name), "\">\n";
 | 
			
		||||
		} else {
 | 
			
		||||
			print "<input type=submit name=submit value=\"",
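Review bot: In the first hunk the new `(-f $file) || exit(1);` and `open(F, "< $file") || exit(1);` lines take `$file` straight from the `file` form field on the query branch, and with the cookie comparison removed nothing visible in this script limits who supplies that path or which regular file it names. If the replacement check now lives in w3m itself (the ChangeLog mentions `writeLocalCookie` in local.c), a comment at the top of the query branch saying so would help the next reader; otherwise the script still needs a check of its own. Separately, the file test and the open are two independent path lookups, and the two-argument open parses its string rather than treating it as a literal name. I would open first and test the handle instead: `open(F, '<', $file) || exit(1);` followed by `(-f F) || exit(1);`, which assumes Perl 5.6 or later for the three-argument form. The `if (defined($query))` block starts above the hunk, so anything it does before these lines is not visible here.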
 | 
			
		||||
 
 | 
			
		||||