use local_cookie for support local-cgi commands

* file.c (loadGeneralFile): pass Local_cookie to DirBufferCommand
* fm.h (Local_cookie): Str
* local.c (setLocalCookie): Str, set_environ()
	(set_cgi_environ): remove LOCAL_COOKIE
* main.c (ldhelp): pass Local_cookie
	(adBmark): ditto
* rc.c (optionpanel_src1): cookie
	(load_option_panel): pass Local_cookie
* w3mbookmark.c (main): check Local_cookie
* w3mhelperpanel (main): ditto
* scripts/dirlist.cgi.in: ditto
* scripts/w3mhelp.cgi.in: ditto
* scripts/multipart/multipart.cgi.in: ditto
From: Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
Fumitoshi UKAI
2002-11-26 18:03:18 +00:00
parent 0449e072cc
commit 77e0acc0d3
11 changed files with 123 additions and 65 deletions


@@ -30,15 +30,17 @@ $NOW = time();
@OPT = &init_option($CONFIG);
$query = $ENV{'QUERY_STRING'};
$dir = '';
$cmd = '';
$cgi = 0;
if ($query eq '') {
$_ = `pwd`; # insecure?
chop;
s/\r$//;
$dir = $_;
$cgi = 0;
} elsif ($query =~ /^(opt\d+|dir|cmd)=/) {
$cookie = '';
# $cgi = 0;
# if ($query eq '') {
# $_ = `pwd`; # insecure?
# chop;
# s/\r$//;
# $dir = $_;
# $cgi = 0;
# } elsif ($query =~ /^(opt\d+|dir|cmd|cookie)=/) {
foreach(split(/\&/, $query)) {
if (s/^dir=//) {
$dir = &form_decode($_);
@@ -46,20 +48,31 @@ if ($query eq '') {
$OPT[$1] = $_;
} elsif (s/^cmd=//) {
$cmd = $_;
} elsif (s/^cookie=//) {
$cookie = &form_decode($_);
}
}
$cgi = 1;
} else {
$dir = $query;
if (($dir !~ m@^/@) &&
($WIN32 && $dir !~ /^[a-z]:/i)) {
$_ = `pwd`; # insecure?
chop;
s/\r$//;
$dir = "$_/$dir";
if (($cookie eq "") || ($cookie ne $ENV{"LOCAL_COOKIE"})) {
print <<EOF;
Content-Type: text/plain
Local cookie doesn't match: It may be an illegal execution
EOF
exit(1);
}
$cgi = -1;
}
$cookie = &html_quote($cookie);
$cgi = 1;
# } else {
# $dir = $query;
# if (($dir !~ m@^/@) &&
# ($WIN32 && $dir !~ /^[a-z]:/i)) {
# $_ = `pwd`; # insecure?
# chop;
# s/\r$//;
# $dir = "$_/$dir";
# }
# $cgi = -1;
# }
if ($dir !~ m@/$@) {
$dir .= '/';
}
@@ -117,7 +130,7 @@ Content-Type: text/html
<body>
<h1>Directory list of $qdir</h1>
EOF
&print_form($edir, @OPT);
&print_form($qdir, @OPT);
print <<EOF;
<hr>
EOF
@@ -420,6 +433,7 @@ EOF
</table>
</center>
<input type=hidden name=dir value="$d">
<input type=hidden name=cookie value="$cookie">
</form>
EOF
}
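Review bot: The cookie check that follows the query-parsing loop fails closed only implicitly: when LOCAL_COOKIE is absent from the environment the request is rejected because the empty-cookie test runs first and a non-empty string never equals undef. Spelling that out, `if ($cookie eq '' || !defined $ENV{'LOCAL_COOKIE'} || $cookie ne $ENV{'LOCAL_COOKIE'}) {`, keeps the guard intact if the conditions are later reordered and avoids an uninitialized-value warning under -w. A comment above it such as `# reject any request that does not carry the value of LOCAL_COOKIE` would record why the script no longer accepts an empty or bare-path query string. The commented-out `pwd` branches could be deleted rather than kept as comments, since the history preserves them. The script continues outside these hunks, so where $cmd and $dir are consumed after the check is not visible here.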