Changes On Branch noJsonCgiFlag

Changes In Branch noJsonCgiFlag Excluding Merge-Ins

This is equivalent to a diff from bcdc4c5546 to 4231d4b634

2019-09-05
02:33
Upper-case query parameter, POST parameter, and cookie names are converted to lower-case prior to entering them into the parameter set. Before this change, upper-case names were silently rejected. ... (check-in: 19bbd2c5ea user: drh tags: trunk)
02:31
Minor tweaks prior to merging. ... (Closed-Leaf check-in: 4231d4b634 user: drh tags: noJsonCgiFlag)
2019-09-04
20:02
More typo fixes in the Rebase document. ... (check-in: aaacce23cd user: drh tags: trunk)
20:01
Merge updates from trunk. ... (check-in: 20c64950a9 user: mistachkin tags: noJsonCgiFlag)
19:56
Setup and Admin users should not automatically have the Private capability. This reverses the principal change from check-in [b241130222]. ... (check-in: bcdc4c5546 user: mistachkin tags: trunk)
19:34
Fix a typo in the Rebase document. ... (check-in: 18e58e29cc user: drh tags: trunk)

Changes to src/cgi.c.

487
488
489
490
491
492
493





















494
495
496
497
498
499
500
  nUsedQP++;
  sortQP = 1;
}

/*
** Add another query parameter or cookie to the parameter set.
** zName is the name of the query parameter or cookie and zValue





















** is its fully decoded value.
**
** Copies are made of both the zName and zValue parameters.
*/
void cgi_set_parameter(const char *zName, const char *zValue){
  cgi_set_parameter_nocopy(mprintf("%s",zName), mprintf("%s",zValue), 0);
}







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
  nUsedQP++;
  sortQP = 1;
}

/*
** Add another query parameter or cookie to the parameter set.
** zName is the name of the query parameter or cookie and zValue
** is its fully decoded value.  zName will be modified to be an
** all lowercase string.
**
** zName and zValue are not copied and must not change or be
** deallocated after this routine returns.  This routine changes
** all ASCII alphabetic characters in zName to lower case.  The
** caller must not change them back.
*/
void cgi_set_parameter_nocopy_tolower(
  char *zName,
  const char *zValue,
  int isQP
){
  int i;
  for(i=0; zName[i]; i++){ zName[i] = fossil_tolower(zName[i]); }
  cgi_set_parameter_nocopy(zName, zValue, isQP);
}

/*
** Add another query parameter or cookie to the parameter set.
** zName is the name of the query parameter or cookie and zValue
** is its fully decoded value.
**
** Copies are made of both the zName and zValue parameters.
*/
void cgi_set_parameter(const char *zName, const char *zValue){
  cgi_set_parameter_nocopy(mprintf("%s",zName), mprintf("%s",zValue), 0);
}
521
522
523
524
525
526
527





528
529
530
531
532
533
534
    if( fossil_strcmp(aParamQP[i].zName,zName)==0 ){
      aParamQP[i].zValue = zValue;
      assert( aParamQP[i].isQP );
      return;
    }
  }
  cgi_set_parameter_nocopy(zName, zValue, 1);





}

/*
** Delete a parameter.
*/
void cgi_delete_parameter(const char *zName){
  int i;







>
>
>
>
>







542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
    if( fossil_strcmp(aParamQP[i].zName,zName)==0 ){
      aParamQP[i].zValue = zValue;
      assert( aParamQP[i].isQP );
      return;
    }
  }
  cgi_set_parameter_nocopy(zName, zValue, 1);
}
void cgi_replace_query_parameter_tolower(char *zName, const char *zValue){
  int i;
  for(i=0; zName[i]; i++){ zName[i] = fossil_tolower(zName[i]); }
  cgi_replace_query_parameter(zName, zValue);
}

/*
** Delete a parameter.
*/
void cgi_delete_parameter(const char *zName){
  int i;
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
/*
** Add a query parameter.  The zName portion is fixed but a copy
** must be made of zValue.
*/
void cgi_setenv(const char *zName, const char *zValue){
  cgi_set_parameter_nocopy(zName, mprintf("%s",zValue), 0);
}


/*
** Add a list of query parameters or cookies to the parameter set.
**
** Each parameter is of the form NAME=VALUE.  Both the NAME and the
** VALUE may be url-encoded ("+" for space, "%HH" for other special
** characters).  But this routine assumes that NAME contains no







<







585
586
587
588
589
590
591

592
593
594
595
596
597
598
/*
** Add a query parameter.  The zName portion is fixed but a copy
** must be made of zValue.
*/
void cgi_setenv(const char *zName, const char *zValue){
  cgi_set_parameter_nocopy(zName, mprintf("%s",zValue), 0);
}


/*
** Add a list of query parameters or cookies to the parameter set.
**
** Each parameter is of the form NAME=VALUE.  Both the NAME and the
** VALUE may be url-encoded ("+" for space, "%HH" for other special
** characters).  But this routine assumes that NAME contains no
613
614
615
616
617
618
619

620
621



622
623
624
625
626
627
628
        z++;
      }
      dehttpize(zValue);
    }else{
      if( *z ){ *z++ = 0; }
      zValue = "";
    }

    if( fossil_islower(zName[0]) && fossil_no_strange_characters(zName+1) ){
      cgi_set_parameter_nocopy(zName, zValue, isQP);



    }
#ifdef FOSSIL_ENABLE_JSON
    json_setenv( zName, cson_value_new_string(zValue,strlen(zValue)) );
#endif /* FOSSIL_ENABLE_JSON */
  }
}








>
|
|
>
>
>







638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
        z++;
      }
      dehttpize(zValue);
    }else{
      if( *z ){ *z++ = 0; }
      zValue = "";
    }
    if( zName[0] && fossil_no_strange_characters(zName+1) ){
      if( fossil_islower(zName[0]) ){
        cgi_set_parameter_nocopy(zName, zValue, isQP);
      }else if( fossil_isupper(zName[0]) ){
        cgi_set_parameter_nocopy_tolower(zName, zValue, isQP);
      }
    }
#ifdef FOSSIL_ENABLE_JSON
    json_setenv( zName, cson_value_new_string(zValue,strlen(zValue)) );
#endif /* FOSSIL_ENABLE_JSON */
  }
}

757
758
759
760
761
762
763
764

765
766
767
768







769
770
771
772
773
774
775
776
777
778
779
780
781
782
783

784
785




786
787
788
789

790
791




792
793
794
795
796
797
798

  zBoundry = get_line_from_string(&z, &len);
  if( zBoundry==0 ) return;
  while( (zLine = get_line_from_string(&z, &len))!=0 ){
    if( zLine[0]==0 ){
      int nContent = 0;
      zValue = get_bounded_content(&z, &len, zBoundry, &nContent);
      if( zName && zValue && fossil_islower(zName[0]) ){

        cgi_set_parameter_nocopy(zName, zValue, 1);
        if( showBytes ){
          cgi_set_parameter_nocopy(mprintf("%s:bytes", zName),
               mprintf("%d",nContent), 1);







        }
      }
      zName = 0;
      showBytes = 0;
    }else{
      nArg = tokenize_line(zLine, count(azArg), azArg);
      for(i=0; i<nArg; i++){
        int c = fossil_tolower(azArg[i][0]);
        int n = strlen(azArg[i]);
        if( c=='c' && sqlite3_strnicmp(azArg[i],"content-disposition:",n)==0 ){
          i++;
        }else if( c=='n' && sqlite3_strnicmp(azArg[i],"name=",n)==0 ){
          zName = azArg[++i];
        }else if( c=='f' && sqlite3_strnicmp(azArg[i],"filename=",n)==0 ){
          char *z = azArg[++i];

          if( zName && z && fossil_islower(zName[0]) ){
            cgi_set_parameter_nocopy(mprintf("%s:filename",zName), z, 1);




          }
          showBytes = 1;
        }else if( c=='c' && sqlite3_strnicmp(azArg[i],"content-type:",n)==0 ){
          char *z = azArg[++i];

          if( zName && z && fossil_islower(zName[0]) ){
            cgi_set_parameter_nocopy(mprintf("%s:mimetype",zName), z, 1);




          }
        }
      }
    }
  }
}








|
>
|
|
|
|
>
>
>
>
>
>
>















>
|
|
>
>
>
>




>
|
|
>
>
>
>







786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845

  zBoundry = get_line_from_string(&z, &len);
  if( zBoundry==0 ) return;
  while( (zLine = get_line_from_string(&z, &len))!=0 ){
    if( zLine[0]==0 ){
      int nContent = 0;
      zValue = get_bounded_content(&z, &len, zBoundry, &nContent);
      if( zName && zValue ){
        if( fossil_islower(zName[0]) ){
          cgi_set_parameter_nocopy(zName, zValue, 1);
          if( showBytes ){
            cgi_set_parameter_nocopy(mprintf("%s:bytes", zName),
                 mprintf("%d",nContent), 1);
          }
        }else if( fossil_isupper(zName[0]) ){
          cgi_set_parameter_nocopy_tolower(zName, zValue, 1);
          if( showBytes ){
            cgi_set_parameter_nocopy_tolower(mprintf("%s:bytes", zName),
                 mprintf("%d",nContent), 1);
          }
        }
      }
      zName = 0;
      showBytes = 0;
    }else{
      nArg = tokenize_line(zLine, count(azArg), azArg);
      for(i=0; i<nArg; i++){
        int c = fossil_tolower(azArg[i][0]);
        int n = strlen(azArg[i]);
        if( c=='c' && sqlite3_strnicmp(azArg[i],"content-disposition:",n)==0 ){
          i++;
        }else if( c=='n' && sqlite3_strnicmp(azArg[i],"name=",n)==0 ){
          zName = azArg[++i];
        }else if( c=='f' && sqlite3_strnicmp(azArg[i],"filename=",n)==0 ){
          char *z = azArg[++i];
          if( zName && z ){
            if( fossil_islower(zName[0]) ){
              cgi_set_parameter_nocopy(mprintf("%s:filename",zName), z, 1);
            }else if( fossil_isupper(zName[0]) ){
              cgi_set_parameter_nocopy_tolower(mprintf("%s:filename",zName),
                                               z, 1);
            }
          }
          showBytes = 1;
        }else if( c=='c' && sqlite3_strnicmp(azArg[i],"content-type:",n)==0 ){
          char *z = azArg[++i];
          if( zName && z ){
            if( fossil_islower(zName[0]) ){
              cgi_set_parameter_nocopy(mprintf("%s:mimetype",zName), z, 1);
            }else if( fossil_isupper(zName[0]) ){
              cgi_set_parameter_nocopy_tolower(mprintf("%s:mimetype",zName),
                                               z, 1);
            }
          }
        }
      }
    }
  }
}

943
944
945
946
947
948
949

950
951
952
953
954
955

956
957
958
959
960
961
962
963
**
** SCGI typically omits PATH_INFO.  CGI sometimes omits REQUEST_URI and
** PATH_INFO when it is empty.
*/
void cgi_init(void){
  char *z;
  const char *zType;

  int len;
  const char *zRequestUri = cgi_parameter("REQUEST_URI",0);
  const char *zScriptName = cgi_parameter("SCRIPT_NAME",0);
  const char *zPathInfo = cgi_parameter("PATH_INFO",0);

#ifdef FOSSIL_ENABLE_JSON

  json_main_bootstrap();
#endif
  g.isHTTP = 1;
  cgi_destination(CGI_BODY);
  if( zScriptName==0 ) malformed_request("missing SCRIPT_NAME");
  if( zRequestUri==0 ){
    const char *z = zPathInfo;
    if( zPathInfo==0 ){







>






>
|







990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
**
** SCGI typically omits PATH_INFO.  CGI sometimes omits REQUEST_URI and
** PATH_INFO when it is empty.
*/
void cgi_init(void){
  char *z;
  const char *zType;
  char *zSemi;
  int len;
  const char *zRequestUri = cgi_parameter("REQUEST_URI",0);
  const char *zScriptName = cgi_parameter("SCRIPT_NAME",0);
  const char *zPathInfo = cgi_parameter("PATH_INFO",0);

#ifdef FOSSIL_ENABLE_JSON
  int noJson = P("no_json")!=0;
  if( noJson==0 ){ json_main_bootstrap(); }
#endif
  g.isHTTP = 1;
  cgi_destination(CGI_BODY);
  if( zScriptName==0 ) malformed_request("missing SCRIPT_NAME");
  if( zRequestUri==0 ){
    const char *z = zPathInfo;
    if( zPathInfo==0 ){
988
989
990
991
992
993
994






995

996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012

  z = (char*)P("REMOTE_ADDR");
  if( z ){
    g.zIpAddr = mprintf("%s", z);
  }

  len = atoi(PD("CONTENT_LENGTH", "0"));






  g.zContentType = zType = P("CONTENT_TYPE");

  blob_zero(&g.cgiIn);
  if( len>0 && zType ){
    if( fossil_strcmp(zType, "application/x-fossil")==0 ){
      blob_read_from_channel(&g.cgiIn, g.httpIn, len);
      blob_uncompress(&g.cgiIn, &g.cgiIn);
    }
#ifdef FOSSIL_ENABLE_JSON
    else if( fossil_strcmp(zType, "application/json")==0
              || fossil_strcmp(zType,"text/plain")==0/*assume this MIGHT be JSON*/
              || fossil_strcmp(zType,"application/javascript")==0){
      g.json.isJsonMode = 1;
      cgi_parse_POST_JSON(g.httpIn, (unsigned int)len);
      /* FIXMEs:

      - See if fossil really needs g.cgiIn to be set for this purpose
      (i don't think it does). If it does then fill g.cgiIn and
      refactor to parse the JSON from there.







>
>
>
>
>
>
|
>







|

|







1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068

  z = (char*)P("REMOTE_ADDR");
  if( z ){
    g.zIpAddr = mprintf("%s", z);
  }

  len = atoi(PD("CONTENT_LENGTH", "0"));
  zType = P("CONTENT_TYPE");
  zSemi = zType ? strchr(zType, ';') : 0;
  if( zSemi ){
    g.zContentType = mprintf("%.*s", (int)(zSemi-zType), zType);
    zType = g.zContentType;
  }else{
    g.zContentType = zType;
  }
  blob_zero(&g.cgiIn);
  if( len>0 && zType ){
    if( fossil_strcmp(zType, "application/x-fossil")==0 ){
      blob_read_from_channel(&g.cgiIn, g.httpIn, len);
      blob_uncompress(&g.cgiIn, &g.cgiIn);
    }
#ifdef FOSSIL_ENABLE_JSON
    else if( noJson==0 && (fossil_strcmp(zType, "application/json")==0
              || fossil_strcmp(zType,"text/plain")==0/*assume this MIGHT be JSON*/
              || fossil_strcmp(zType,"application/javascript")==0) ){
      g.json.isJsonMode = 1;
      cgi_parse_POST_JSON(g.httpIn, (unsigned int)len);
      /* FIXMEs:

      - See if fossil really needs g.cgiIn to be set for this purpose
      (i don't think it does). If it does then fill g.cgiIn and
      refactor to parse the JSON from there.
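Review bot: The multipart/form-data branch (the `get_bounded_content` loop) now also stores names that begin with an upper-case letter, but it still tests only `zName[0]`, whereas the url-encoded path in this file additionally requires `fossil_no_strange_characters(zName+1)` before inserting. In the visible lines nothing else constrains the rest of a multipart field name, so it reaches the parameter set as given, and the derived `%s:filename`, `%s:mimetype` and `%s:bytes` keys inherit it. Unless that difference is intentional, the outer test could read `if( zName && zValue && fossil_no_strange_characters(zName+1) ){`, with the same condition added to the `filename=` and `content-type:` branches. The first-character-only test in src/dispatch.c looks like the same pattern, though where those names originate is not visible here. The enclosing function starts before the hunk.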

Changes to src/dispatch.c.

194
195
196
197
198
199
200


201
202
203
204
205
206
207
      zName = "";
    }else{
      if( *z ){ *z++ = 0; }
      zValue = "";
    }
    if( fossil_islower(zName[0]) ){
      cgi_replace_query_parameter(zName, zValue);


    }
  }
  return 0;
}

/*
** Fill Blob with a space-separated list of all command names that







>
>







194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
      zName = "";
    }else{
      if( *z ){ *z++ = 0; }
      zValue = "";
    }
    if( fossil_islower(zName[0]) ){
      cgi_replace_query_parameter(zName, zValue);
    }else if( fossil_isupper(zName[0]) ){
      cgi_replace_query_parameter_tolower(zName, zValue);
    }
  }
  return 0;
}

/*
** Fill Blob with a space-separated list of all command names that

Changes to src/doc.c.

593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
      Blob tail;
      blob_zero(&tail);
      if( wiki_find_title(pBody, &title, &tail) ){
        style_header("%s", blob_str(&title));
        Th_Render(blob_str(&tail));
        blob_reset(&tail);
      }else{
        style_header("%h", zDefaultTitle);
        Th_Render(blob_str(pBody));
      }
    }else{
      Th_Render(blob_str(pBody));
    }
    if( !raw ){
      style_footer();







|







593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
      Blob tail;
      blob_zero(&tail);
      if( wiki_find_title(pBody, &title, &tail) ){
        style_header("%s", blob_str(&title));
        Th_Render(blob_str(&tail));
        blob_reset(&tail);
      }else{
        style_header("%h", zFilename);
        Th_Render(blob_str(pBody));
      }
    }else{
      Th_Render(blob_str(pBody));
    }
    if( !raw ){
      style_footer();