diff options
author | Fumitoshi UKAI <ukai@debian.or.jp> | 2003-01-15 17:13:21 +0000 |
---|---|---|
committer | Fumitoshi UKAI <ukai@debian.or.jp> | 2003-01-15 17:13:21 +0000 |
commit | 549ee1cc09be5bbdc613649eb9be3ebc122c0331 (patch) | |
tree | c8f2ea7433d0eddc429d36dc12267d482374ac87 /w3mhelperpanel.c | |
parent | * file.c (loadGopherDir): convertLine RAW_MODE (diff) | |
download | w3m-549ee1cc09be5bbdc613649eb9be3ebc122c0331.tar.gz w3m-549ee1cc09be5bbdc613649eb9be3ebc122c0331.zip |
[w3m-dev 03644] Re: Other user can see local cookie.
* cookie.c (save_cookies): return if no_rc_dir
* etc.c (tmpf_base): add cookie
(tmpfname): use tmp_dir instead of rc_dir
* file.c (loadGeneralFile): cookie is not passed via URL
* fm.h (TMPF_COOKIE): incl
(MAX_TMPF_TYPE): incl
(no_rc_dir): added
(tmp_dir): added
(config_file): added
* local.c (Local_cookie_file): added
(writeLocalCookie): added
(setLocalCookie): dont set environment LOCAL_COOKIE
(localcgi_post): writeLocalCookie
(localcgi_get): writeLocalCookie
* main.c (config_filename): deleted
(cmd_loadURL): arg FormList
(main): rewrite config_file, rc
(ldhelp): no cookie in URL
(cmd_loadURL): arg FormList
(goURL0): cmd_loadURL change
(cmd_loadBuffer): cmd_loadURL change
(adBmark): cookie is posted
(follow_map): cmd_loadURL change
(linkMn): cmd_loadURL change
(reinit): init_rc change
* proto.h (create_option_search_table): deleted
(init_rc): no args
* rc.c (create_option_search_table): static
(init_rc): no args
rewrite
(optionpanel_src1): rewrite
(load_option_panel): html_quote
(panel_set_option): no_rc_dir
* w3mbookmark.c: rewrite
* w3mhelperpanel.c: rewrite
* scripts/dirlist.cgi.in: rewrite
* scripts/w3mhelp.cgi.in: rewrite
* scripts/w3mmail.cgi.in: rewrite
* scripts/multipart/multipart.cgi.in: rewrite
From: Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
Diffstat (limited to '')
-rw-r--r-- | w3mhelperpanel.c | 74 |
1 files changed, 48 insertions, 26 deletions
diff --git a/w3mhelperpanel.c b/w3mhelperpanel.c index b66c47c..3f9add6 100644 --- a/w3mhelperpanel.c +++ b/w3mhelperpanel.c @@ -1,7 +1,8 @@ -/* $Id: w3mhelperpanel.c,v 1.10 2002/11/26 18:03:29 ukai Exp $ */ +/* $Id: w3mhelperpanel.c,v 1.11 2003/01/15 17:13:22 ukai Exp $ */ #include <errno.h> #include <stdlib.h> #include <stdio.h> +#include <string.h> #include "config.h" #include "Str.h" #include "indep.h" @@ -18,7 +19,7 @@ #define MSG_DELETE "ºï½ü" #define MSG_DOIT "¼Â¹Ô" #else /* LANG != JA */ -#define MSG_TITLE "External Viewers" +#define MSG_TITLE "External Viewers Setup" #define MSG_NEW_ENTRY "New Entry" #define MSG_TYPE "Type" #define MSG_COMMAND "Command" @@ -81,32 +82,33 @@ printMailcapPanel(char *mailcap) } } printf("Content-Type: text/html\n\n"); - printf - ("<html><head><title>External Viewer Setup</title></head><body><h1>%s</h1>\n", - MSG_TITLE); - printf("<form method=get action=\"file:///$LIB/" W3MHELPERPANEL_CMDNAME + printf("<html>\n<head>\n<title>%s</title>\n</head>\n<body>\n<h1>%s</h1>\n", + MSG_TITLE, MSG_TITLE); + printf("<form method=post action=\"file:///$LIB/" W3MHELPERPANEL_CMDNAME "\">\n"); printf("<input type=hidden name=mode value=edit>\n"); - printf("<input type=hidden name=cookie value=\"%s\">\n", local_cookie); - printf - ("%s: %s=<input type=text name=newtype><br>%s=<input type=text name=newcmd><br><input type=submit name=submit value=\"%s\">\n", - MSG_NEW_ENTRY, MSG_TYPE, MSG_COMMAND, MSG_REGISTER); - printf - ("<p><hr width=50%%><p><table border='0' cellpadding='0'><tr><th> <th><b>%s</b><th><b>%s</b>\n", - MSG_TYPE, MSG_COMMAND); + printf("<input type=hidden name=cookie value=\"%s\">\n", + html_quote(local_cookie)); + printf("<table>\n<tr><td>%s:<td>%s=<input type=text name=newtype size=40>\n\ +<tr><td><td>%s=<input type=text name=newcmd size=40>\n\ +<tr><td><input type=submit name=submit value=\"%s\">\n</table>\n", + MSG_NEW_ENTRY, MSG_TYPE, MSG_COMMAND, MSG_REGISTER); + printf("<p><hr width=50%%><p>\n<table border='0' cellpadding='0'>\n\ +<tr><th align=left><b>%s</b><th><b>%s</b>\n", + MSG_TYPE, MSG_COMMAND); while (tmp = Strfgets(f), tmp->length > 0) { if (tmp->ptr[0] == '#') continue; Strchop(tmp); extractMailcapEntry(tmp->ptr, &type, &viewer); - printf("<tr valign=top><td><td>%s<td>%s<td>", html_quote(type), + printf("<tr valign=top><td>%s<td>%s<td nowrap>", html_quote(type), html_quote(viewer)); printf("<input type=checkbox name=delete value=\"%s\">%s\n", html_quote(type), MSG_DELETE); } - printf - ("</table><input type=submit name=submit value=\"%s\"></form></body></html>\n", - MSG_DOIT); + printf("</table>\n<input type=submit name=submit value=\"%s\">\n</form>\n\ +</body>\n</html>\n", + MSG_DOIT); } void @@ -159,17 +161,34 @@ main(int argc, char *argv[], char **envp) { Str mailcapfile; extern char *getenv(); - char *qs; + char *p; + int length; + Str qs = NULL; struct parsed_tagarg *cgiarg; char *mode; char *sent_cookie; - if ((qs = getenv("QUERY_STRING")) == NULL) - exit(1); - - cgiarg = cgistr2tagarg(qs); - - local_cookie = getenv("LOCAL_COOKIE"); + p = getenv("REQUEST_METHOD"); + if (p == NULL || strcasecmp(p, "post")) + goto request_err; + p = getenv("CONTENT_LENGTH"); + if (p == NULL || (length = atoi(p)) <= 0) + goto request_err; + + qs = Strfgets(stdin); + Strchop(qs); + if (qs->length != length) + goto request_err; + cgiarg = cgistr2tagarg(qs->ptr); + + p = getenv("LOCAL_COOKIE_FILE"); + if (p) { + FILE *f = fopen(p, "r"); + if (f) { + local_cookie = Strfgets(f)->ptr; + fclose(f); + } + } sent_cookie = tag_get_value(cgiarg, "cookie"); if (local_cookie == NULL || sent_cookie == NULL || strcmp(local_cookie, sent_cookie) != 0) { @@ -178,8 +197,7 @@ main(int argc, char *argv[], char **envp) } mode = tag_get_value(cgiarg, "mode"); - mailcapfile = Strnew_charp(expandPath(RC_DIR)); - Strcat_charp(mailcapfile, "/mailcap"); + mailcapfile = Strnew_charp(expandPath(USER_MAILCAP)); if (mode && !strcmp(mode, "edit")) { char *referer; /* check if I can edit my mailcap */ @@ -198,4 +216,8 @@ main(int argc, char *argv[], char **envp) printMailcapPanel(mailcapfile->ptr); } return 0; + + request_err: + bye("Incomplete Request:", qs ? qs->ptr : "(null)"); + exit(1); } |