From 549ee1cc09be5bbdc613649eb9be3ebc122c0331 Mon Sep 17 00:00:00 2001
From: Fumitoshi UKAI <ukai@debian.or.jp>
Date: Wed, 15 Jan 2003 17:13:21 +0000
Subject: [w3m-dev 03644] Re: Other user can see local cookie. * cookie.c
 (save_cookies): return if no_rc_dir * etc.c (tmpf_base): add cookie 
 (tmpfname): use tmp_dir instead of rc_dir * file.c (loadGeneralFile): cookie
 is not passed via URL * fm.h (TMPF_COOKIE): incl 	(MAX_TMPF_TYPE): incl 
 (no_rc_dir): added 	(tmp_dir): added 	(config_file): added * local.c
 (Local_cookie_file): added 	(writeLocalCookie): added 
 (setLocalCookie): dont set environment LOCAL_COOKIE 	(localcgi_post):
 writeLocalCookie 	(localcgi_get): writeLocalCookie * main.c
 (config_filename): deleted 	(cmd_loadURL): arg FormList 	(main):
 rewrite config_file, rc 	(ldhelp): no cookie in URL 	(cmd_loadURL):
 arg FormList 	(goURL0): cmd_loadURL change 	(cmd_loadBuffer): cmd_loadURL
 change 	(adBmark): cookie is posted 	(follow_map): cmd_loadURL
 change 	(linkMn): cmd_loadURL change 	(reinit): init_rc change *
 proto.h (create_option_search_table): deleted 	(init_rc): no args * rc.c
 (create_option_search_table): static 	(init_rc): no args 	
 rewrite 	(optionpanel_src1): rewrite 	(load_option_panel):
 html_quote 	(panel_set_option): no_rc_dir * w3mbookmark.c: rewrite *
 w3mhelperpanel.c: rewrite * scripts/dirlist.cgi.in: rewrite *
 scripts/w3mhelp.cgi.in: rewrite * scripts/w3mmail.cgi.in: rewrite *
 scripts/multipart/multipart.cgi.in: rewrite From: Hironori SAKAMOTO
 <hsaka@mth.biglobe.ne.jp>

---
 ChangeLog                          |  45 +++++++++++++-
 cookie.c                           |   4 +-
 etc.c                              |   6 +-
 file.c                             |   8 +--
 fm.h                               |   9 ++-
 local.c                            |  24 +++++++-
 main.c                             |  61 +++++++++----------
 proto.h                            |   5 +-
 rc.c                               |  70 +++++++++++++--------
 scripts/dirlist.cgi.in             |  61 ++++++++-----------
 scripts/multipart/multipart.cgi.in |  25 ++------
 scripts/w3mhelp.cgi.in             |  18 +-----
 scripts/w3mmail.cgi.in             |  33 ++++++----
 w3mbookmark.c                      | 121 +++++++++++++++++++++----------------
 w3mhelperpanel.c                   |  74 +++++++++++++++--------
 15 files changed, 327 insertions(+), 237 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 7eed7ef..4646b5e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,46 @@
+2003-01-16  Hironori SAKAMOTO <hsaka@mth.biglobe.ne.jp>
+
+	* [w3m-dev 03644] Re: Other user can see local cookie.
+	* cookie.c (save_cookies): return if no_rc_dir
+	* etc.c (tmpf_base): add cookie
+		(tmpfname): use tmp_dir instead of rc_dir
+	* file.c (loadGeneralFile): cookie is not passed via URL
+	* fm.h (TMPF_COOKIE): incl
+		(MAX_TMPF_TYPE): incl
+		(no_rc_dir): added
+		(tmp_dir): added
+		(config_file): added
+	* local.c (Local_cookie_file): added
+		(writeLocalCookie): added
+		(setLocalCookie): dont set environment LOCAL_COOKIE
+		(localcgi_post): writeLocalCookie
+		(localcgi_get): writeLocalCookie
+	* main.c (config_filename): deleted
+		(cmd_loadURL): arg FormList
+		(main): rewrite config_file, rc
+		(ldhelp): no cookie in URL
+		(cmd_loadURL): arg FormList
+		(goURL0): cmd_loadURL change
+		(cmd_loadBuffer): cmd_loadURL change
+		(adBmark): cookie is posted
+		(follow_map): cmd_loadURL change
+		(linkMn): cmd_loadURL change
+		(reinit): init_rc change
+	* proto.h (create_option_search_table): deleted
+		(init_rc): no args
+	* rc.c (create_option_search_table): static
+		(init_rc): no args
+			rewrite
+		(optionpanel_src1): rewrite
+		(load_option_panel): html_quote
+		(panel_set_option): no_rc_dir
+	* w3mbookmark.c: rewrite
+	* w3mhelperpanel.c: rewrite
+	* scripts/dirlist.cgi.in: rewrite
+	* scripts/w3mhelp.cgi.in: rewrite
+	* scripts/w3mmail.cgi.in: rewrite
+	* scripts/multipart/multipart.cgi.in: rewrite
+
 2003-01-16  Fumitoshi UKAI  <ukai@debian.or.jp>
 
 	* file.c (loadGopherDir): convertLine RAW_MODE
@@ -6476,4 +6519,4 @@ a	* [w3m-dev 03276] compile error on EWS4800
 	* release-0-2-1
 	* import w3m-0.2.1
 
-$Id: ChangeLog,v 1.684 2003/01/15 16:24:25 ukai Exp $
+$Id: ChangeLog,v 1.685 2003/01/15 17:13:21 ukai Exp $
diff --git a/cookie.c b/cookie.c
index 583cd35..4c8bb47 100644
--- a/cookie.c
+++ b/cookie.c
@@ -1,4 +1,4 @@
-/* $Id: cookie.c,v 1.7 2002/01/10 15:39:21 ukai Exp $ */
+/* $Id: cookie.c,v 1.8 2003/01/15 17:13:21 ukai Exp $ */
 
 /*
  * References for version 0 cookie:                                  
@@ -417,7 +417,7 @@ save_cookies(void)
 
     check_expired_cookies();
 
-    if (!First_cookie || is_saved || rc_dir_is_tmp)
+    if (!First_cookie || is_saved || no_rc_dir)
 	return;
 
     cookie_file = rcFile(COOKIE_FILE);
diff --git a/etc.c b/etc.c
index d5ecaeb..886cb1d 100644
--- a/etc.c
+++ b/etc.c
@@ -1,4 +1,4 @@
-/* $Id: etc.c,v 1.48 2003/01/15 16:11:43 ukai Exp $ */
+/* $Id: etc.c,v 1.49 2003/01/15 17:13:21 ukai Exp $ */
 #include "fm.h"
 #include <pwd.h>
 #include "myctype.h"
@@ -1503,7 +1503,7 @@ file_to_url(char *file)
 }
 
 static char *tmpf_base[MAX_TMPF_TYPE] = {
-    "tmp", "src", "frame", "cache"
+    "tmp", "src", "frame", "cache", "cookie",
 };
 static unsigned int tmpf_seq[MAX_TMPF_TYPE];
 
@@ -1512,7 +1512,7 @@ tmpfname(int type, char *ext)
 {
     Str tmpf;
     tmpf = Sprintf("%s/w3m%s%d-%d%s",
-		   rc_dir,
+		   tmp_dir,
 		   tmpf_base[type],
 		   CurrentPid, tmpf_seq[type]++, (ext) ? ext : "");
     pushText(fileToDelete, tmpf->ptr);
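Review bot: The name built by this `Sprintf` is predictable (`w3m` + type + pid + sequence), and with `rc_dir` replaced by `tmp_dir` it can land in a shared directory, because rc.c's `rc_dir_err` path sets `tmp_dir` from TMPDIR/TMP/TEMP or `/tmp`. Any caller that later opens the returned name with a plain `fopen(..., "w")` would follow a file or symlink another local user created first. The callers are outside this hunk, so at minimum document the contract here, e.g. `/* name is predictable: callers must create it with O_CREAT|O_EXCL when tmp_dir may be shared */`. tmpfname's body continues past the end of the hunk.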
diff --git a/file.c b/file.c
index b5829e8..3634ce4 100644
--- a/file.c
+++ b/file.c
@@ -1,4 +1,4 @@
-/* $Id: file.c,v 1.186 2003/01/15 16:24:25 ukai Exp $ */
+/* $Id: file.c,v 1.187 2003/01/15 17:13:21 ukai Exp $ */
 #include "fm.h"
 #include <sys/types.h>
 #include "myctype.h"
@@ -1550,10 +1550,8 @@ loadGeneralFile(char *path, ParsedURL *volatile current, char *referer,
 		    return NULL;
 		if (S_ISDIR(st.st_mode)) {
 		    if (UseExternalDirBuffer) {
-			Str cmd = Sprintf("%s?cookie=%s&dir=%s#current",
-					  DirBufferCommand,
-					  (Str_form_quote(Local_cookie))->ptr,
-					  pu.file);
+			Str cmd = Sprintf("%s?dir=%s#current",
+					  DirBufferCommand, pu.file);
 			b = loadGeneralFile(cmd->ptr, NULL, NO_REFERER, 0,
 					    NULL);
 			if (b != NULL && b != NO_BUFFER) {
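Review bot: `pu.file` is placed into the query string unescaped in `Sprintf("%s?dir=%s#current", DirBufferCommand, pu.file)`, while dirlist.cgi runs `form_decode` on the `dir` value. Unless `pu.file` is already form-encoded at this point (not visible here), a directory name containing `&`, `#`, `+` or `%` will be split or decoded into a different path than the one that was stat'ed. Quoting it the way main.c quotes its parameters would close that gap: `DirBufferCommand, Str_form_quote(Strnew_charp(pu.file))->ptr);`. loadGeneralFile starts and ends outside this hunk.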
diff --git a/fm.h b/fm.h
index 526806e..8e4e8fd 100644
--- a/fm.h
+++ b/fm.h
@@ -1,4 +1,4 @@
-/* $Id: fm.h,v 1.102 2003/01/10 16:42:40 ukai Exp $ */
+/* $Id: fm.h,v 1.103 2003/01/15 17:13:22 ukai Exp $ */
 /* 
  * w3m: WWW wo Miru utility
  * 
@@ -742,7 +742,8 @@ typedef struct http_request {
 #define TMPF_SRC	1
 #define TMPF_FRAME	2
 #define TMPF_CACHE	3
-#define MAX_TMPF_TYPE	4
+#define TMPF_COOKIE	4
+#define MAX_TMPF_TYPE	5
 
 #define set_no_proxy(domains) (NO_proxy_domains=make_domain_list(domains))
 
@@ -1017,8 +1018,10 @@ global char UseGraphicChar init(TRUE);
 extern char alt_rule[];
 #endif				/* not KANJI_SYMBOLS */
 extern char UseAltEntity;
+global int no_rc_dir init(FALSE);
 global char *rc_dir;
-global int rc_dir_is_tmp init(FALSE);
+global char *tmp_dir;
+global char *config_file init(NULL);
 
 #ifdef USE_MOUSE
 global int use_mouse init(TRUE);
diff --git a/local.c b/local.c
index 445d1c1..a0d8c26 100644
--- a/local.c
+++ b/local.c
@@ -1,4 +1,4 @@
-/* $Id: local.c,v 1.20 2003/01/15 16:24:25 ukai Exp $ */
+/* $Id: local.c,v 1.21 2003/01/15 17:13:22 ukai Exp $ */
 #include "fm.h"
 #include <string.h>
 #include <stdio.h>
@@ -23,6 +23,25 @@
 
 #define CGIFN_CONTAIN_SLASH 4
 
+static char *Local_cookie_file = NULL;
+
+static void
+writeLocalCookie()
+{
+    FILE *f;
+
+    if (no_rc_dir)
+	return;
+    Local_cookie_file = tmpfname(TMPF_COOKIE, NULL)->ptr;
+    set_environ("LOCAL_COOKIE_FILE", Local_cookie_file);
+    f = fopen(Local_cookie_file, "wb");
+    if (!f)
+	return;
+    fwrite(Local_cookie->ptr, sizeof(char), Local_cookie->length, f);
+    fclose(f);
+    chmod(Local_cookie_file, S_IRUSR | S_IWUSR);
+}
+
 /* setup cookie for local CGI */
 void
 setLocalCookie()
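Review bot: writeLocalCookie creates the cookie file with `fopen(..., "wb")` and only restricts it with `chmod` after the secret has been written, so between those two calls the file has whatever mode the umask allows and can be read by other local users if `rc_dir` is traversable. `fopen` also follows an existing file or symlink at the predictable `tmpfname` path. Creating the file owner-only and exclusively from the start removes both windows and makes the trailing `chmod` unnecessary; this needs `<fcntl.h>` if local.c does not already include it. The results of `fwrite` and `fclose` are also unchecked, so a short write leaves a truncated cookie that the CGI scripts will then compare against.

```c
static void
writeLocalCookie()
{
    int fd;
    FILE *f;

    /* … unchanged: no_rc_dir check, tmpfname(TMPF_COOKIE, NULL), set_environ("LOCAL_COOKIE_FILE", …) … */

    /* owner-only from creation; O_EXCL refuses a pre-existing file or symlink */
    fd = open(Local_cookie_file, O_WRONLY | O_CREAT | O_EXCL,
	      S_IRUSR | S_IWUSR);
    if (fd < 0)
	return;
    f = fdopen(fd, "wb");
    if (!f) {
	close(fd);
	return;
    }
    if (fwrite(Local_cookie->ptr, sizeof(char), Local_cookie->length, f)
	!= (size_t)Local_cookie->length || fclose(f) != 0)
	unlink(Local_cookie_file);	/* never leave a partial cookie behind */
}
```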
@@ -31,7 +50,6 @@ setLocalCookie()
     gethostname(hostname, 256);
 
     Local_cookie = Sprintf("%d.%ld@%s", CurrentPid, lrand48(), hostname);
-    set_environ("LOCAL_COOKIE", Local_cookie->ptr);
 }
 
 Str
@@ -395,6 +413,7 @@ localcgi_post(char *uri, char *qstr, FormList *request, char *referer)
     file = cgi_filename(uri, &status);
     if (check_local_cgi(file, status) < 0)
 	return NULL;
+    writeLocalCookie();
     tmp1 = tmpfname(TMPF_DFL, NULL);
     if ((pid = localcgi_popen_r(&f)) < 0)
 	return NULL;
@@ -459,6 +478,7 @@ localcgi_get(char *uri, char *request, char *referer)
     file = cgi_filename(uri, &status);
     if (check_local_cgi(file, status) < 0)
 	return NULL;
+    writeLocalCookie();
     if ((pid = localcgi_popen_r(&f)) < 0)
 	return NULL;
     else if (pid)
diff --git a/main.c b/main.c
index f6e71ef..83a1198 100644
--- a/main.c
+++ b/main.c
@@ -1,4 +1,4 @@
-/* $Id: main.c,v 1.193 2003/01/15 16:24:25 ukai Exp $ */
+/* $Id: main.c,v 1.194 2003/01/15 17:13:22 ukai Exp $ */
 #define MAINPROGRAM
 #include "fm.h"
 #include <signal.h>
@@ -26,8 +26,6 @@ extern int do_getch();
 
 #define DSTR_LEN	256
 
-static char *config_filename = NULL;
-
 Hist *LoadHist;
 Hist *SaveHist;
 Hist *URLHist;
@@ -71,7 +69,8 @@ JMP_BUF IntReturn;
 
 static void delBuffer(Buffer *buf);
 static void cmd_loadfile(char *path);
-static void cmd_loadURL(char *url, ParsedURL *current, char *referer);
+static void cmd_loadURL(char *url, ParsedURL *current, char *referer,
+			FormList *request);
 static void cmd_loadBuffer(Buffer *buf, int prop, int linkid);
 static void keyPressEventProc(int c);
 int show_params_p = 0;
@@ -383,12 +382,7 @@ main(int argc, char **argv, char **envp)
     CurrentDir = currentdir();
     CurrentPid = (int)getpid();
     BookmarkFile = NULL;
-    rc_dir = expandName(RC_DIR);
-    i = strlen(rc_dir);
-    if (i > 1 && rc_dir[i - 1] == '/')
-	rc_dir[i - 1] = '\0';
-    config_filename = rcFile(CONFIG_FILE);
-    create_option_search_table();
+    config_file = NULL;
 
     /* argument search 1 */
     for (i = 1; i < argc; i++) {
@@ -397,7 +391,7 @@ main(int argc, char **argv, char **envp)
 		argv[i] = "-dummy";
 		if (++i >= argc)
 		    usage();
-		config_filename = argv[i];
+		config_file = argv[i];
 		argv[i] = "-dummy";
 	    }
 	    else if (!strcmp("-h", argv[i]) || !strcmp("-help", argv[i]))
@@ -410,7 +404,7 @@ main(int argc, char **argv, char **envp)
     }
 
     /* initializations */
-    init_rc(config_filename);
+    init_rc();
 
     LoadHist = newHist();
     SaveHist = newHist();
@@ -2007,17 +2001,16 @@ ldhelp(void)
 #ifdef USE_HELP_CGI
     char *lang;
     int n;
+    Str tmp;
 
     lang = AcceptLang;
     n = strcspn(lang, ";, \t");
-    cmd_loadURL(Sprintf("file:///$LIB/" HELP_CGI CGI_EXTENSION
-			"?cookie=%s&version=%s&lang=%s",
-			Str_form_quote(Local_cookie)->ptr,
-			Str_form_quote(Strnew_charp(w3m_version))->ptr,
-			Str_form_quote(Strnew_charp_n(lang, n))->ptr)->ptr,
-		NULL, NO_REFERER);
+    tmp = Sprintf("file:///$LIB/" HELP_CGI CGI_EXTENSION "?version=%s&lang=%s",
+		  Str_form_quote(Strnew_charp(w3m_version))->ptr,
+		  Str_form_quote(Strnew_charp_n(lang, n))->ptr);
+    cmd_loadURL(tmp->ptr, NULL, NO_REFERER, NULL);
 #else
-    cmd_loadURL(helpFile(HELP_FILE), NULL, NO_REFERER);
+    cmd_loadURL(helpFile(HELP_FILE), NULL, NO_REFERER, NULL);
 #endif
 }
 
@@ -3813,7 +3806,7 @@ deletePrevBuf()
 }
 
 static void
-cmd_loadURL(char *url, ParsedURL *current, char *referer)
+cmd_loadURL(char *url, ParsedURL *current, char *referer, FormList *request)
 {
     Buffer *buf;
 
@@ -3850,7 +3843,7 @@ cmd_loadURL(char *url, ParsedURL *current, char *referer)
 #endif				/* USE_NNTP */
 
     refresh();
-    buf = loadGeneralFile(url, current, referer, 0, NULL);
+    buf = loadGeneralFile(url, current, referer, 0, request);
     if (buf == NULL) {
 	char *emsg = Sprintf("Can't load %s", conv_from_system(url))->ptr;
 	disp_err_message(emsg, FALSE);
@@ -3925,7 +3918,7 @@ goURL0(char *prompt, int relative)
     }
     parseURL2(url, &p_url, current);
     pushHashHist(URLHist, parsedURL2Str(&p_url)->ptr);
-    cmd_loadURL(url, current, referer);
+    cmd_loadURL(url, current, referer, NULL);
     if (Currentbuf != cur_buf)	/* success */
 	pushHashHist(URLHist, parsedURL2Str(&Currentbuf->currentURL)->ptr);
 }
@@ -3965,7 +3958,7 @@ cmd_loadBuffer(Buffer *buf, int prop, int linkid)
 void
 ldBmark(void)
 {
-    cmd_loadURL(BookmarkFile, NULL, NO_REFERER);
+    cmd_loadURL(BookmarkFile, NULL, NO_REFERER, NULL);
 }
 
 
@@ -3974,15 +3967,19 @@ void
 adBmark(void)
 {
     Str tmp;
+    FormList *request;
 
-    tmp = Sprintf("file://%s/" W3MBOOKMARK_CMDNAME
-		  "?mode=panel&cookie=%s&bmark=%s&url=%s&title=%s",
-		  w3m_lib_dir(), (Str_form_quote(Local_cookie))->ptr,
+    tmp = Sprintf("mode=panel&cookie=%s&bmark=%s&url=%s&title=%s",
+		  (Str_form_quote(Local_cookie))->ptr,
 		  (Str_form_quote(Strnew_charp(BookmarkFile)))->ptr,
 		  (Str_form_quote(parsedURL2Str(&Currentbuf->currentURL)))->
 		  ptr,
 		  (Str_form_quote(Strnew_charp(Currentbuf->buffername)))->ptr);
-    cmd_loadURL(tmp->ptr, NULL, NO_REFERER);
+    request = newFormList(NULL, "post", NULL, NULL, NULL, NULL, NULL);
+    request->body = tmp->ptr;
+    request->length = tmp->length;
+    cmd_loadURL("file:///$LIB/" W3MBOOKMARK_CMDNAME, NULL, NO_REFERER,
+		request);
 }
 
 /* option setting */
@@ -4086,7 +4083,7 @@ follow_map(struct parsed_tagarg *arg)
 	_newT();
 	buf = Currentbuf;
 	cmd_loadURL(a->url, baseURL(Currentbuf),
-		    parsedURL2Str(&Currentbuf->currentURL)->ptr);
+		    parsedURL2Str(&Currentbuf->currentURL)->ptr, NULL);
 	if (buf != Currentbuf)
 	    delBuffer(buf);
 	else
@@ -4095,7 +4092,7 @@ follow_map(struct parsed_tagarg *arg)
 	return;
     }
     cmd_loadURL(a->url, baseURL(Currentbuf),
-		parsedURL2Str(&Currentbuf->currentURL)->ptr);
+		parsedURL2Str(&Currentbuf->currentURL)->ptr, NULL);
 #endif
 }
 
@@ -4116,7 +4113,7 @@ linkMn(void)
     parseURL2(l->url, &p_url, baseURL(Currentbuf));
     pushHashHist(URLHist, parsedURL2Str(&p_url)->ptr);
     cmd_loadURL(l->url, baseURL(Currentbuf),
-		parsedURL2Str(&Currentbuf->currentURL)->ptr);
+		parsedURL2Str(&Currentbuf->currentURL)->ptr, NULL);
 }
 
 static void
@@ -5621,7 +5618,7 @@ reinit()
     char *resource = searchKeyData();
 
     if (resource == NULL) {
-	init_rc(config_filename);
+	init_rc();
 	sync_with_option();
 #ifdef USE_COOKIE
 	initCookie();
@@ -5631,7 +5628,7 @@ reinit()
     }
 
     if (!strcasecmp(resource, "CONFIG") || !strcasecmp(resource, "RC")) {
-	init_rc(config_filename);
+	init_rc();
 	sync_with_option();
 	displayBuffer(Currentbuf, B_REDRAW_IMAGE);
 	return;
diff --git a/proto.h b/proto.h
index c2ea361..65d32fc 100644
--- a/proto.h
+++ b/proto.h
@@ -1,4 +1,4 @@
-/* $Id: proto.h,v 1.78 2003/01/15 16:11:43 ukai Exp $ */
+/* $Id: proto.h,v 1.79 2003/01/15 17:13:22 ukai Exp $ */
 /* 
  *   This file was automatically generated by version 1.7 of cextract.
  *   Manual editing not recommended.
@@ -561,8 +561,7 @@ extern Str decodeMIME(char *orgstr);
 extern Str encodeB(char *a);
 extern int set_param_option(char *option);
 extern char *get_param_option(char *name);
-extern void create_option_search_table();
-extern void init_rc(char *config_filename);
+extern void init_rc(void);
 extern Buffer *load_option_panel(void);
 extern void panel_set_option(struct parsed_tagarg *);
 extern void sync_with_option(void);
diff --git a/rc.c b/rc.c
index 103c02e..3215c31 100644
--- a/rc.c
+++ b/rc.c
@@ -1,4 +1,4 @@
-/* $Id: rc.c,v 1.74 2002/12/27 16:07:44 ukai Exp $ */
+/* $Id: rc.c,v 1.75 2003/01/15 17:13:22 ukai Exp $ */
 /* 
  * Initialization file etc.
  */
@@ -847,7 +847,7 @@ compare_table(struct rc_search_table *a, struct rc_search_table *b)
     return strcmp(a->param->name, b->param->name);
 }
 
-void
+static void
 create_option_search_table()
 {
     int i, j, k;
@@ -1366,24 +1366,25 @@ sync_with_option(void)
 }
 
 void
-init_rc(char *config_filename)
+init_rc(void)
 {
+    int i;
     struct stat st;
     FILE *f;
-    char *tmpdir;
 
-    if (((tmpdir = getenv("TMP")) == NULL || *tmpdir == '\0')
-	&& ((tmpdir = getenv("TEMP")) == NULL || *tmpdir == '\0')
-	&& ((tmpdir = getenv("TMPDIR")) == NULL || *tmpdir == '\0'))
-	tmpdir = "/tmp";
+    if (config_file != NULL)
+	goto open_rc;
+
+    rc_dir = expandName(RC_DIR);
+    i = strlen(rc_dir);
+    if (i > 1 && rc_dir[i - 1] == '/')
+        rc_dir[i - 1] = '\0';
 
     if (stat(rc_dir, &st) < 0) {
 	if (errno == ENOENT) {	/* no directory */
 	    if (do_mkdir(rc_dir, 0700) < 0) {
 		fprintf(stderr, "Can't create config directory (%s)!", rc_dir);
-		rc_dir = tmpdir;
-		rc_dir_is_tmp = TRUE;
-		return;
+		goto rc_dir_err;
 	    }
 	    else {
 		stat(rc_dir, &st);
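Review bot: The early exit `if (config_file != NULL) goto open_rc;` is also taken on the very first call when the user passes `-config`, because main.c now stores that argument in `config_file` before calling `init_rc()`. In that case the jump skips `rc_dir = expandName(RC_DIR)`, `tmp_dir = rc_dir` and `create_option_search_table()` (all in the next hunk), so `interpret_rc` runs without the search table and `tmpfname` later formats an unset `tmp_dir`. The guard needs to test "already initialised" rather than "config file known", for example `if (rc_dir != NULL) goto open_rc;`, with the `fopen(config_file, ...)` at `open_rc` then guarded against a NULL `config_file` after an `rc_dir_err` start. init_rc continues beyond this hunk.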
@@ -1391,37 +1392,56 @@ init_rc(char *config_filename)
 	}
 	else {
 	    fprintf(stderr, "Can't open config directory (%s)!", rc_dir);
-	    rc_dir = tmpdir;
-	    rc_dir_is_tmp = TRUE;
-	    return;
+	    goto rc_dir_err;
 	}
     }
     if (!S_ISDIR(st.st_mode)) {
 	/* not a directory */
 	fprintf(stderr, "%s is not a directory!", rc_dir);
-	rc_dir = tmpdir;
-	rc_dir_is_tmp = TRUE;
-	return;
+	goto rc_dir_err;
     }
+    if (!(st.st_mode & S_IWUSR)) {
+	fprintf(stderr, "%s is not writable!", rc_dir);
+	goto rc_dir_err;
+    }
+    no_rc_dir = FALSE;
+    tmp_dir = rc_dir;
+
+    if (config_file == NULL)
+	config_file = rcFile(CONFIG_FILE);
+
+    create_option_search_table();
 
+  open_rc:
     /* open config file */
     if ((f = fopen(etcFile(W3MCONFIG), "rt")) != NULL) {
 	interpret_rc(f);
 	fclose(f);
     }
-    config_file = config_filename;
-    if (config_file == NULL)
-	config_file = rcFile(CONFIG_FILE);
     if ((f = fopen(config_file, "rt")) != NULL) {
 	interpret_rc(f);
 	fclose(f);
     }
+    return;
+
+  rc_dir_err:
+    no_rc_dir = TRUE;
+    if (((tmp_dir = getenv("TMPDIR")) == NULL || *tmp_dir == '\0') &&
+	((tmp_dir = getenv("TMP")) == NULL || *tmp_dir == '\0') &&
+	((tmp_dir = getenv("TEMP")) == NULL || *tmp_dir == '\0'))
+	tmp_dir = "/tmp";
 }
 
 
 static char optionpanel_src1[] =
-    "<html><head><title>Option Setting Panel</title></head>\
-<body><center><b>Option Setting Panel</b><br><b>(w3m version %s)</b></center><p>\n" "<a href=\"file:///$LIB/" W3MHELPERPANEL_CMDNAME "?mode=panel&cookie=%s\">%s</a>\n" "<form method=internal action=option>";
+    "<html><head><title>Option Setting Panel</title></head><body>\
+<h1 align=center>Option Setting Panel<br>(w3m version %s)</b></h1>\
+<form method=post action=\"file:///$LIB/" W3MHELPERPANEL_CMDNAME "\">\
+<input type=hidden name=mode value=panel>\
+<input type=hidden name=cookie value=\"%s\">\
+<input type=submit value=\"%s\">\
+</form><br>\
+<form method=internal action=option>";
 
 static Str
 to_str(struct param_ptr *p)
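Review bot: The added `S_IWUSR` test is the only property of `rc_dir` verified before `tmp_dir = rc_dir`, yet that directory now holds the local-cookie file and every other temp file. An existing directory owned by someone else, or one that is group- or world-accessible, passes the check; consider also sending `st.st_uid != getuid()` to `rc_dir_err`, and at least warning when `st.st_mode & (S_IRWXG | S_IRWXO)` is non-zero. The `rc_dir_err` path also returns without calling `create_option_search_table()` or reading `etcFile(W3MCONFIG)`, which deserves a comment if it is intended. Minor: `optionpanel_src1` emits a `</b>` inside the `<h1>` that no longer has a matching `<b>`.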
@@ -1458,8 +1478,8 @@ to_str(struct param_ptr *p)
 Buffer *
 load_option_panel(void)
 {
-    Str src = Sprintf(optionpanel_src1, w3m_version,
-		      (Str_form_quote(Local_cookie))->ptr, CMT_HELPER);
+    Str src = Sprintf(optionpanel_src1, html_quote(w3m_version),
+		      html_quote(Local_cookie->ptr), CMT_HELPER);
     struct param_ptr *p;
     struct sel_c *s;
     int x, i;
@@ -1530,7 +1550,7 @@ panel_set_option(struct parsed_tagarg *arg)
 {
     FILE *f = NULL;
 
-    if (rc_dir_is_tmp) {
+    if (no_rc_dir) {
 	disp_message("There's no ~/.w3m directory... config not saved", FALSE);
     }
     else {
diff --git a/scripts/dirlist.cgi.in b/scripts/dirlist.cgi.in
index 9bed644..2949ebe 100755
--- a/scripts/dirlist.cgi.in
+++ b/scripts/dirlist.cgi.in
@@ -33,15 +33,16 @@ $query = $ENV{'QUERY_STRING'};
 $dir = '';
 $cmd = '';
 $cookie = '';
-# $cgi = 0;
-# if ($query eq '') {
-#   $_ = `pwd`;	# insecure?
-#   chop;
-#   s/\r$//;
-#   $dir = $_;
-#   $cgi = 0;
-# } elsif ($query =~ /^(opt\d+|dir|cmd|cookie)=/) {
-  foreach(split(/\&/, $query)) {
+$local_cookie = '';
+foreach(split(/\&/, $query)) {
+  if (s/^dir=//) {
+    $dir = &form_decode($_);
+  }
+}
+$body = undef;
+if ($ENV{'REQUEST_METHOD'} eq 'POST') {
+  sysread(STDIN, $body, $ENV{'CONTENT_LENGTH'});
+  foreach(split(/\&/, $body)) {
     if (s/^dir=//) {
       $dir = &form_decode($_);
     } elsif (s/^opt(\d+)=//) {
@@ -52,27 +53,22 @@ $cookie = '';
       $cookie = &form_decode($_);
     }
   }
-  if (($cookie eq "") || ($cookie ne $ENV{"LOCAL_COOKIE"})) {
-    print <<EOF;
+}
+$cookie_file = $ENV{'LOCAL_COOKIE_FILE'};
+if (-f $cookie_file) {
+   open(F, "< $cookie_file");
+   $local_cookie = <F>;
+   close(F);
+}
+if ($local_cookie eq '' || (defined($body) && $cookie ne $local_cookie)) {
+  print <<EOF;
 Content-Type: text/plain
 
 Local cookie doesn't match: It may be an illegal execution
 EOF
-    exit(1);
-  }
- $cookie =  &html_quote($cookie);
-  $cgi = 1;
-# } else {
-#   $dir = $query;
-#   if (($dir !~ m@^/@) &&
-#       ($WIN32 && $dir !~ /^[a-z]:/i)) {
-#     $_ = `pwd`;	# insecure?
-#     chop;
-#     s/\r$//;
-#     $dir = "$_/$dir";
-#   }
-#   $cgi = -1;
-# }
+  exit(1);
+}
+$local_cookie =  &html_quote($local_cookie);
 if ($dir !~ m@/$@) {
   $dir .= '/';
 }
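Review bot: The cookie comparison in `(defined($body) && $cookie ne $local_cookie)` only applies to POST, so a GET carrying `?dir=...` is served whenever the cookie file is readable. That looks intentional, since file.c no longer puts the cookie in the URL, but it is a relaxation of the old check and should be stated next to the condition, e.g. `# GET may only select dir= and is served without a cookie; opt* values are read from POST bodies only`. The `open(F, "< $cookie_file")` result is not checked and `-f $cookie_file` is evaluated even when LOCAL_COOKIE_FILE is unset; the empty-cookie test does fail closed, which is the right behaviour and worth a comment too. `sysread` also trusts CONTENT_LENGTH without checking how many bytes were returned.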
@@ -88,9 +84,7 @@ if ($WIN32) {
       $ROOT = &cygwin_pathconv("$ROOT");
   }
 }
-if ($cgi) {
-  $dir = &cleanup($dir);
-}
+$dir = &cleanup($dir);
 
 $TYPE   = $OPT[$OPT_TYPE];
 $FORMAT = $OPT[$OPT_FORMAT];
@@ -117,9 +111,6 @@ EOF
   exit 1;
 }
 
-# ($cgi > 0) && print <<EOF;
-# w3m-control: DELETE_PREVBUF
-# EOF
 print <<EOF;
 Content-Type: text/html
 
@@ -404,9 +395,9 @@ sub print_form {
   local($_, @vs, @os, $v, $o);
 
   print <<EOF;
-<form action=\"$CGI\">
+<form method=post action=\"$CGI#current\">
 <center>
-<table>
+<table cellpadding=0>
 <tr valign=top>
 EOF
   foreach(0 .. 2) {
@@ -433,7 +424,7 @@ EOF
 </table>
 </center>
 <input type=hidden name=dir value="$d">
-<input type=hidden name=cookie value="$cookie">
+<input type=hidden name=cookie value="$local_cookie">
 </form>
 EOF
 }
diff --git a/scripts/multipart/multipart.cgi.in b/scripts/multipart/multipart.cgi.in
index d51a521..1dd981a 100644
--- a/scripts/multipart/multipart.cgi.in
+++ b/scripts/multipart/multipart.cgi.in
@@ -28,24 +28,14 @@ if (defined($query)) {
 	}
 	$file = &form_decode($v{'file'});
 	$boundary = &form_decode($v{'boundary'});
-	$cookie = &form_decode($v{'cookie'});
-	if (($cookie eq "") || ($cookie ne $ENV{"LOCAL_COOKIE"})) {
-		print <<EOF;
-Content-Type: text/plain
-
-Local cookie doesn't match: It may be an illegal execution
-EOF
-		exit(1);
-	}
 } else {
 	$file = $ARGV[0];
 	if (@ARGV >= 2) {
 		$boundary = $ARGV[1];
 	}
-	$cookie = $ENV{'LOCAL_COOKIE'};
 }
-
-open(F, "< $file");
+(-f $file) || exit(1);
+open(F, "< $file") || exit(1);
 $end = 0;
 $mbody = '';
 if (defined($boundary)) {
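Review bot: With the cookie comparison removed, the `file` value from QUERY_STRING alone decides what `open(F, "< $file")` reads, and the script then renders that content. The `-f` test limits this to regular files, but nothing here restricts which ones, so whether this is safe depends on w3m refusing to invoke local CGI from untrusted pages, which is not visible in this patch; a comment stating that assumption would help. Independently, two-argument `open` still interprets leading and trailing whitespace in `$file`; if the supported Perl allows it, `open(F, '<', $file) || exit(1);` opens exactly the name that was tested with `-f`.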
@@ -131,7 +121,6 @@ if (defined($v{'count'})) {
 $qcgi = &html_quote($CGI);
 $qfile = &html_quote($file);
 $qboundary = &html_quote($boundary);
-$qcookie = &html_quote($cookie);
 
 if ($mbody =~ /\S/) {
 	$_ = $mbody;
@@ -196,20 +185,16 @@ while(! $end) {
 		s/\>/\&gt;/g;
 		print "<pre>\n";
 		print $_;
-		print "\n</pre>\n";
+		print "</pre>\n";
 		if ($type =~ /name=\"?([^\"]+)\"?/ ||
 			$dispos =~ /filename=\"?([^\"]+)\"?/) {
 			$name = $1;
 		} else {
 			$name = "Content";
 		}
-		print "<form method=POST action=\"$qcgi?$count\">\n";
-		print "<input type=hidden name=file value=\"$qfile\">\n";
-		print "<input type=hidden name=boundary value=\"$qboundary\">\n";
-		print "<input type=hidden name=cookie value=\"$qcookie\">\n";
-		print "<input type=hidden name=count value=\"$count\">\n";
+		print "<form action=\"$qcgi?file=$qfile&amp;boundary=$qboundary&amp;count=$count\">\n";
 		if ($image) {
-			print "<input type=image name=submit src=\"$CGI?file=$qfile&amp;boundary=$qboundary&amp;cookie=$qcookie&amp;count=$count\" alt=\"",
+			print "<input type=image name=submit src=\"$qcgi?file=$qfile&amp;boundary=$qboundary&amp;count=$count\" alt=\"",
 				&html_quote($name), "\">\n";
 		} else {
 			print "<input type=submit name=submit value=\"",
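Review bot: In the new `<form action=...>` and image `src` lines, `$qfile` and `$qboundary` are HTML-quoted but not URL-encoded before being placed in a query string. A file name or boundary containing `&`, `#`, `+` or `%` will therefore be parsed back by `form_decode` as a different value, which now matters more because `file` is no longer backed by a cookie check. Encode first and HTML-quote second, for instance with the same substitution w3mhelp.cgi.in uses for `$q_version` (`s/[^A-Za-z0-9_\$\.\-]/sprintf('%%%02X', ord($&))/ge`). The enclosing loop starts and ends outside this hunk.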
diff --git a/scripts/w3mhelp.cgi.in b/scripts/w3mhelp.cgi.in
index f7b247c..12c1b63 100644
--- a/scripts/w3mhelp.cgi.in
+++ b/scripts/w3mhelp.cgi.in
@@ -1,5 +1,5 @@
 #!@PERL@
-# $Id: w3mhelp.cgi.in,v 1.22 2002/12/11 02:57:30 ukai Exp $
+# $Id: w3mhelp.cgi.in,v 1.23 2003/01/15 17:13:22 ukai Exp $
 
 if ( $^O =~ /^(ms)?(dos|win(32|nt)?)/i ) {
   $CYGPATH = 1;
@@ -49,18 +49,6 @@ if (defined($ENV{'QUERY_STRING'})) {
 	    $lang = $tlang;
 	}
     }
-    if ($ENV{'QUERY_STRING'} =~ /(^|&)cookie=([^&]*)/) {
-	$cookie = $2;
-	$cookie =~ s/\+|%([0-9A-Fa-f][0-9A-Fa-f])/$& eq '+' ? ' ' : pack('C', hex($1))/ge;
-    }
-}
-if (($cookie eq "") || ($cookie ne $ENV{"LOCAL_COOKIE"})) {
-    print <<EOF;
-Content-Type: text/plain
-
-Local cookie doesn't match: It may be an illegal execution
-EOF
-    exit(1);
 }
 
 %f = %keyfunc;
@@ -115,9 +103,7 @@ HEADING
 
 $q_version = $version;
 $q_version =~ s/[^A-Za-z0-9_\$\.\-]/sprintf('%%%02X', ord($&))/ge;
-$q_cookie = $cookie;
-$q_cookie =~ s/[^A-Za-z0-9_\$\.\-]/sprintf('%%%02X', ord($&))/ge;
-$script = "<A HREF=\"$ENV{'SCRIPT_NAME'}?cookie=$q_cookie&version=$q_version&amp;lang=";
+$script = "<A HREF=\"$ENV{'SCRIPT_NAME'}?version=$q_version&amp;lang=";
 
 # doc:en_English doc-jp:ja_Japanese
 for $otherlang (@docdirs) {
diff --git a/scripts/w3mmail.cgi.in b/scripts/w3mmail.cgi.in
index a3fcaab..e544362 100755
--- a/scripts/w3mmail.cgi.in
+++ b/scripts/w3mmail.cgi.in
@@ -1,15 +1,21 @@
 #!@PERL@
 
-$rcsid = q$Id: w3mmail.cgi.in,v 1.11 2002/11/11 15:50:28 ukai Exp $;
+$rcsid = q$Id: w3mmail.cgi.in,v 1.12 2003/01/15 17:13:22 ukai Exp $;
 ($id = $rcsid) =~ s/^.*,v ([\d\.]*).*/$1/;
 ($prog=$0) =~ s/.*\///;
 
 $query = $ENV{'QUERY_STRING'};
-$local_cookie = $ENV{'LOCAL_COOKIE'};
+$cookie_file = $ENV{'LOCAL_COOKIE_FILE'};
+$local_cookie = '';
 $SENDMAIL = '/usr/lib/sendmail';
 $SENDMAIL = '/usr/sbin/sendmail' if -x '/usr/sbin/sendmail';
 $SENDMAIL_OPT = '-oi -t';
 
+if (-f $cookie_file) {
+    open(F, "< $cookie_file");
+    $local_cookie = <F>;
+    close(F);
+}
 if ($query =~ s/^\w+://) {
     $url = $query;
     $qurl = &html_quote($url);
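Review bot: When LOCAL_COOKIE_FILE is unset, missing or unreadable, `$local_cookie` silently stays `''` here, because the `open(F, "< $cookie_file")` result is not checked and nothing in this hunk rejects an empty cookie. dirlist.cgi.in fails closed with `$local_cookie eq ''`; the comparison against the posted `cookie` further down in this script is outside the hunk and should be confirmed to reject the empty case as well, otherwise a POST with an empty `cookie` field would match. Later hunks also overwrite `$local_cookie` with its `html_quote`d form before printing it; a separate variable such as `$q_cookie` would keep the value used for comparison untouched.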
@@ -43,8 +49,9 @@ if ($query =~ s/^\w+://) {
     print "\r\n";
     print "<html><head><title>W3M Mailer: $qurl</title></head>\n";
     print "<body><h1>W3M Mailer: $qurl</h1>\n";
-    print "<form action='file://$0' method='POST'>\n";
-    print "<input type='hidden' name='cookie' value='$local_cookie'>\n";
+    print "<form action=\"file://$0\" method='POST'>\n";
+    $local_cookie = &html_quote($local_cookie);
+    print "<input type='hidden' name='cookie' value=\"$local_cookie\">\n";
     print "<table>\n";
     foreach $h ('from', 'to', 'cc', 'bcc', 'subject') {
 	$v = &lang_html_quote($opt{$h});
@@ -52,6 +59,7 @@ if ($query =~ s/^\w+://) {
 	delete $opt{$h};
     }
     if ($boundary) {
+	$boundary = &html_quote($boundary);
 	print "<tr><td>Content-Type:<td>multipart/form-data; boundary=\"$boundary\"\n";
 	print "<input type='hidden' name='boundary' value=\"$boundary\">\n";
     }
@@ -98,8 +106,9 @@ if ($query =~ s/^\w+://) {
 	print "<html><head><title>W3M Mailer</title></head>\n";
 	print "<body>\n";
 	print "<h1>W3M Mailer: preview</h1>\n";
-	print "<form action='$0' method='POST'>\n";
-	print "<input type='hidden' name='cookie' value='$local_cookie'>\n";
+	print "<form action=\"file://$0\" method='POST'>\n";
+	$local_cookie = &html_quote($local_cookie);
+	print "<input type='hidden' name='cookie' value=\"$local_cookie\">\n";
 	print "<hr>\n";
 	print "<pre>\n";
 	foreach $h (keys %opt) {
@@ -112,13 +121,15 @@ if ($query =~ s/^\w+://) {
 	($cs,$cte,$body) = &lang_body(&lang_html_quote($body), 0);
 	print "Mime-Version: 1.0\n";
 	if ($boundary) {
+	    $boundary = &html_quote($boundary);
 	    print "Content-Type: multipart/form-data;\n";
 	    print "    boundary=\"$boundary\"\n";
 	} else {
 	    print "Content-Type: text/plain; charset=$cs\n";
 	}
 #	print "Content-Transfer-Encoding: $cte\n";
-	print "User-Agent: $ENV{'SERVER_SOFTWARE'} $prog/$id\n";
+	print "User-Agent: ", &html_quote("$ENV{'SERVER_SOFTWARE'} $prog/$id"),
+		"\n";
 	print "\n";
 	print $body;
 	print "\n" if ($body !~ /\n$/);
@@ -137,10 +148,10 @@ if ($query =~ s/^\w+://) {
 	foreach $h (keys %opt) {
 	    $qh = &html_quote($h);
 	    print "<tr><td>\u$qh:<td>$v{$h}\n";
-	    print "<input type='hidden' name=\"$qh\" value=\"$v\">\n";
+	    print "<input type='hidden' name=\"$qh\" value=\"$v{$h}\">\n";
 	}
 	print "<tr><td colspan=2>\n";
-	print "<textarea cols=40 rows=10 name='body'>\n";
+	print "<textarea cols=40 rows=10 name=body>\n";
 	if ($body) {
 	    print $body;
 	}
@@ -158,7 +169,7 @@ if ($query =~ s/^\w+://) {
 	    print "\r\n";
 	    print "<html><head><title>W3M Mailer</title></head>\n";
 	    print "<body><h1>W3M Mailer: open sendmail failed</h1>\n";
-	    print "<p>$@</p>\n";
+	    print "<p>", &html_quote($@), "</p>\n";
 	    print "</body></html>\n";
 	    exit(0);
 	}
@@ -189,7 +200,7 @@ if ($query =~ s/^\w+://) {
 	    print "\r\n";
 	    print "<html><head><title>W3M Mailer</title></head>\n";
 	    print "<body><h1>W3M Mailer: close sendmail failed</h1>\n";
-	    print "<p>$@</p>\n";
+	    print "<p>", &html_quote($@), "</p>\n";
 	    print "</body></html>\n";
 	}
     }
diff --git a/w3mbookmark.c b/w3mbookmark.c
index 57d9bcf..5e0da84 100644
--- a/w3mbookmark.c
+++ b/w3mbookmark.c
@@ -1,7 +1,5 @@
-/* $Id: w3mbookmark.c,v 1.7 2002/11/26 18:03:29 ukai Exp $ */
-#ifdef __EMX__
+/* $Id: w3mbookmark.c,v 1.8 2003/01/15 17:13:22 ukai Exp $ */
 #include <stdlib.h>
-#endif
 #include <stdio.h>
 #include "config.h"
 #include "Str.h"
@@ -10,46 +8,47 @@
 #include "parsetag.h"
 
 #if LANG == JA
-static char *bkmark_src1 = "<html><head><title>Bookmark Registration</title>\n\
-<body><h1>�֥å��ޡ�������Ͽ</h1>\n\n" "<form method=get action=\"file://%s/" W3MBOOKMARK_CMDNAME "\">\n\n" "<input type=hidden name=mode value=register>\n\
-<input type=hidden name=bmark value=\"%s\">\n\
-<table cellpadding=0>\n";
+#define BKMARK_TITLE "�֥å��ޡ�������Ͽ"
+#define BKMARK_ADD "��Ͽ"
+#define DEFAULT_SECTION "̤ʬ��"
+#else
+#define BKMARK_TITLE "Register to my bookmark"
+#define BKMARK_ADD "ADD"
+#define DEFAULT_SECTION "Miscellaneous"
+#endif
 
-static char *bkmark_src2 =
-    "<tr><td>New Section:</td><td><input type=text name=newsection width=60></td></tr>\n\
-<tr><td>URL:</td><td><input type=text name=url value=\"%s\" width=60></td></tr>\n\
-<tr><td>Title:</td><td><input type=text name=title value=\"%s\" width=60></td></tr>\n\
-<tr><td><input type=submit name=submit value=\"��Ͽ\"></td>\n\
-</table>\n\
-<input type=hidden name=cookie value=\"%s\">\
-</form>\
-</body></html>\n";
-static char *default_section = "̤ʬ��";
-#else				/* LANG != JA */
-static char *bkmark_src1 = "<html><head><title>Bookmark Registration</title>\n\
-<body><h1>Register to my bookmark</h1>\n\n" "<form method=get action=\"file://%s/" W3MBOOKMARK_CMDNAME "\">\n\n" "<input type=hidden name=mode value=register>\n\
+static char *bkmark_src1 =
+    "<html>\n\
+<head>\n\
+<title>" BKMARK_TITLE "</title>\n\
+</head>\n\
+<body>\n\
+<h1>" BKMARK_TITLE "</h1>\n\
+<form method=post action=\"file:///$LIB/" W3MBOOKMARK_CMDNAME "\">\n\
+<input type=hidden name=mode value=register>\n\
 <input type=hidden name=bmark value=\"%s\">\n\
+<input type=hidden name=cookie value=\"%s\">\n\
 <table cellpadding=0>\n";
 
 static char *bkmark_src2 =
-    "<tr><td>New Section:</td><td><input type=text name=newsection width=60></td></tr>\n\
-<tr><td>URL:</td><td><input type=text name=url value=\"%s\" width=60></td></tr>\n\
-<tr><td>Title:</td><td><input type=text name=title value=\"%s\" width=60></td></tr>\n\
-<tr><td><input type=submit name=submit value=\"ADD\"></td>\n\
+    "<tr><td>New&nbsp;Section:<td><input type=text name=newsection size=60>\n\
+<tr><td>URL:<td><input type=text name=url value=\"%s\" size=60>\n\
+<tr><td>Title:<td><input type=text name=title value=\"%s\" size=60>\n\
+<tr><td><input type=submit value=\"" BKMARK_ADD "\">\n\
 </table>\n\
-<input type=hidden name=cookie value=\"%s\">\
-</form>\
-</body></html>\n";
-static char *default_section = "Miscellaneous";
-#endif				/* LANG != JA */
+</form>\n\
+</body>\n\
+</html>\n";
 
+#undef FALSE
 #define FALSE 0
-#define T   1
+#undef TRUE
+#define TRUE 1
 
 static char end_section[] =
     "<!--End of section (do not delete this comment)-->\n";
 
-char *Local_cookie;
+static char *Local_cookie = NULL;
 
 void
 print_bookmark_panel(char *bmark, char *url, char *title)
@@ -59,7 +58,7 @@ print_bookmark_panel(char *bmark, char *url, char *title)
     char *p;
 
     printf("Content-Type: text/html\n\n");
-    printf(bkmark_src1, w3m_lib_dir(), bmark);
+    printf(bkmark_src1, html_quote(bmark), html_quote(Local_cookie));
     if ((f = fopen(bmark, "r")) != NULL) {
 	printf("<tr><td>Section:<td><select name=\"section\">\n");
 	while (tmp = Strfgets(f), tmp->length > 0) {
@@ -69,13 +68,13 @@ print_bookmark_panel(char *bmark, char *url, char *title)
 		tmp2 = Strnew();
 		while (*p && *p != '<')
 		    Strcat_char(tmp2, *p++);
-		printf("<option value=\"%s\">%s</option>", tmp2->ptr,
+		printf("<option value=\"%s\">%s\n", tmp2->ptr,
 		       tmp2->ptr);
 	    }
 	}
 	printf("</select>\n");
     }
-    printf(bkmark_src2, html_quote(url), html_quote(title), Local_cookie);
+    printf(bkmark_src2, html_quote(url), html_quote(title));
 }
 
 /* create new bookmark */
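Review bot: The `<option>` line still writes `tmp2->ptr` into the `value` attribute and the option text without `html_quote`, although this commit quotes `bmark`, the cookie, `url` and `title` in the same function. The section name is copied from the bookmark file up to the next `<`, so a `"` or `&` in a stored section name would break the attribute. Unless the bookmark file already stores section names escaped (the writer is not visible in this hunk), I would change the call to `printf("<option value=\"%s\">%s\n", html_quote(tmp2->ptr), html_quote(tmp2->ptr));`. print_bookmark_panel starts above this hunk.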
@@ -117,7 +116,7 @@ insert_bookmark(char *bmark, struct parsed_tagarg *data)
     if (section == NULL || *section == '\0')
 	section = tag_get_value(data, "section");
     if (section == NULL || *section == '\0')
-	section = default_section;
+	section = DEFAULT_SECTION;
 
     if (url == NULL || *url == '\0' || title == NULL || *title == '\0') {
 	/* Bookmark not added */
@@ -175,7 +174,9 @@ int
 main(int argc, char *argv[], char **envp)
 {
     extern char *getenv();
-    char *qs;
+    char *p;
+    int length;
+    Str qs = NULL;
     struct parsed_tagarg *cgiarg;
     char *mode;
     char *bmark;
@@ -183,21 +184,33 @@ main(int argc, char *argv[], char **envp)
     char *title;
     char *sent_cookie;
 
-    if ((qs = getenv("QUERY_STRING")) == NULL) {
-	printf("Content-Type: text/plain\n\n");
-	printf("Incomplete Request: no QUERY_STRING\n");
-	exit(1);
+    p = getenv("REQUEST_METHOD");
+    if (p == NULL || strcasecmp(p, "post"))
+	goto request_err;
+    p = getenv("CONTENT_LENGTH");
+    if (p == NULL || (length = atoi(p)) <= 0)
+	goto request_err;
+
+    qs = Strfgets(stdin);
+    Strchop(qs);
+    if (qs->length != length)
+	goto request_err;
+    cgiarg = cgistr2tagarg(qs->ptr);
+
+    p = getenv("LOCAL_COOKIE_FILE");
+    if (p) {
+	FILE *f = fopen(p, "r");
+	if (f) {
+	    Local_cookie = Strfgets(f)->ptr;
+	    fclose(f);
+	}
     }
-
-    cgiarg = cgistr2tagarg(qs);
-
-    Local_cookie = getenv("LOCAL_COOKIE");
     sent_cookie = tag_get_value(cgiarg, "cookie");
     if (sent_cookie == NULL || Local_cookie == NULL ||
 	strcmp(sent_cookie, Local_cookie) != 0) {
 	/* local cookie doesn't match: It may be an illegal invocation */
-	printf("Content-Type: text/plain\n");
-	printf("\nLocal cookie doesn't match: It may be an illegal invocation\n");
+	printf("Content-Type: text/plain\n\n");
+	printf("Local cookie doesn't match: It may be an illegal invocation\n");
 	exit(1);
     }
 
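Review bot: The cookie comparison accepts an empty cookie. If the file named by `LOCAL_COOKIE_FILE` opens but is empty, `Strfgets(f)->ptr` is presumably an empty string, and a request whose `cookie` field is empty would then compare equal, assuming `tag_get_value` returns `""` rather than NULL for it. I would only accept a non-empty value, `Str c = Strfgets(f); if (c->length > 0) Local_cookie = c->ptr;`, so that a missing or truncated cookie file always fails closed. The same read-and-compare sequence is added to `main` in w3mhelperpanel.c and needs the same guard. `main` begins above this hunk and continues below it.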
@@ -205,12 +218,8 @@ main(int argc, char *argv[], char **envp)
     bmark = expandPath(tag_get_value(cgiarg, "bmark"));
     url = tag_get_value(cgiarg, "url");
     title = tag_get_value(cgiarg, "title");
-    if (bmark == NULL || url == NULL) {
-	/* incomplete request */
-	printf("Content-Type: text/plain\n\n");
-	printf("Incomplete Request: QUERY_STRING=%s\n", qs);
-	exit(1);
-    }
+    if (bmark == NULL || url == NULL)
+	goto request_err;
     if (mode && !strcmp(mode, "panel")) {
 	if (title == NULL)
 	    title = "";
@@ -220,8 +229,14 @@ main(int argc, char *argv[], char **envp)
 	printf("Content-Type: text/plain\n");
 	if (insert_bookmark(bmark, cgiarg)) {
 	    printf("w3m-control: BACK\n");
-	    printf("w3m-control: BACK\n\n");
+	    printf("w3m-control: BACK\n");
 	}
+	printf("\n");
     }
     return 0;
+
+  request_err:
+    printf("Content-Type: text/plain\n\n");
+    printf("Incomplete Request: %s\n", qs ? qs->ptr : "(null)");
+    exit(1);
 }
diff --git a/w3mhelperpanel.c b/w3mhelperpanel.c
index b66c47c..3f9add6 100644
--- a/w3mhelperpanel.c
+++ b/w3mhelperpanel.c
@@ -1,7 +1,8 @@
-/* $Id: w3mhelperpanel.c,v 1.10 2002/11/26 18:03:29 ukai Exp $ */
+/* $Id: w3mhelperpanel.c,v 1.11 2003/01/15 17:13:22 ukai Exp $ */
 #include <errno.h>
 #include <stdlib.h>
 #include <stdio.h>
+#include <string.h>
 #include "config.h"
 #include "Str.h"
 #include "indep.h"
@@ -18,7 +19,7 @@
 #define MSG_DELETE		"���"
 #define MSG_DOIT		"�¹�"
 #else				/* LANG != JA */
-#define MSG_TITLE		"External Viewers"
+#define MSG_TITLE		"External Viewers Setup"
 #define MSG_NEW_ENTRY		"New Entry"
 #define MSG_TYPE		"Type"
 #define MSG_COMMAND		"Command"
@@ -81,32 +82,33 @@ printMailcapPanel(char *mailcap)
 	}
     }
     printf("Content-Type: text/html\n\n");
-    printf
-	("<html><head><title>External Viewer Setup</title></head><body><h1>%s</h1>\n",
-	 MSG_TITLE);
-    printf("<form method=get action=\"file:///$LIB/" W3MHELPERPANEL_CMDNAME
+    printf("<html>\n<head>\n<title>%s</title>\n</head>\n<body>\n<h1>%s</h1>\n",
+	   MSG_TITLE, MSG_TITLE);
+    printf("<form method=post action=\"file:///$LIB/" W3MHELPERPANEL_CMDNAME
 	   "\">\n");
     printf("<input type=hidden name=mode value=edit>\n");
-    printf("<input type=hidden name=cookie value=\"%s\">\n", local_cookie);
-    printf
-	("%s: %s=<input type=text name=newtype><br>%s=<input type=text name=newcmd><br><input type=submit name=submit value=\"%s\">\n",
-	 MSG_NEW_ENTRY, MSG_TYPE, MSG_COMMAND, MSG_REGISTER);
-    printf
-	("<p><hr width=50%%><p><table border='0' cellpadding='0'><tr><th>&nbsp;&nbsp;<th><b>%s</b><th><b>%s</b>\n",
-	 MSG_TYPE, MSG_COMMAND);
+    printf("<input type=hidden name=cookie value=\"%s\">\n",
+	   html_quote(local_cookie));
+    printf("<table>\n<tr><td>%s:<td>%s=<input type=text name=newtype size=40>\n\
+<tr><td><td>%s=<input type=text name=newcmd size=40>\n\
+<tr><td><input type=submit name=submit value=\"%s\">\n</table>\n",
+	   MSG_NEW_ENTRY, MSG_TYPE, MSG_COMMAND, MSG_REGISTER);
+    printf("<p><hr width=50%%><p>\n<table border='0' cellpadding='0'>\n\
+<tr><th align=left><b>%s</b><th><b>%s</b>\n",
+	   MSG_TYPE, MSG_COMMAND);
     while (tmp = Strfgets(f), tmp->length > 0) {
 	if (tmp->ptr[0] == '#')
 	    continue;
 	Strchop(tmp);
 	extractMailcapEntry(tmp->ptr, &type, &viewer);
-	printf("<tr valign=top><td><td>%s<td>%s<td>", html_quote(type),
+	printf("<tr valign=top><td>%s<td>%s<td nowrap>", html_quote(type),
 	       html_quote(viewer));
 	printf("<input type=checkbox name=delete value=\"%s\">%s\n",
 	       html_quote(type), MSG_DELETE);
     }
-    printf
-	("</table><input type=submit name=submit value=\"%s\"></form></body></html>\n",
-	 MSG_DOIT);
+    printf("</table>\n<input type=submit name=submit value=\"%s\">\n</form>\n\
+</body>\n</html>\n",
+	   MSG_DOIT);
 }
 
 void
@@ -159,17 +161,34 @@ main(int argc, char *argv[], char **envp)
 {
     Str mailcapfile;
     extern char *getenv();
-    char *qs;
+    char *p;
+    int length;
+    Str qs = NULL;
     struct parsed_tagarg *cgiarg;
     char *mode;
     char *sent_cookie;
 
-    if ((qs = getenv("QUERY_STRING")) == NULL)
-	exit(1);
-
-    cgiarg = cgistr2tagarg(qs);
-
-    local_cookie = getenv("LOCAL_COOKIE");
+    p = getenv("REQUEST_METHOD");
+    if (p == NULL || strcasecmp(p, "post"))
+	goto request_err;
+    p = getenv("CONTENT_LENGTH");
+    if (p == NULL || (length = atoi(p)) <= 0)
+	goto request_err;
+
+    qs = Strfgets(stdin);
+    Strchop(qs);
+    if (qs->length != length)
+	goto request_err;
+    cgiarg = cgistr2tagarg(qs->ptr);
+
+    p = getenv("LOCAL_COOKIE_FILE");
+    if (p) {
+	FILE *f = fopen(p, "r");
+	if (f) {
+	    local_cookie = Strfgets(f)->ptr;
+	    fclose(f);
+	}
+    }
     sent_cookie = tag_get_value(cgiarg, "cookie");
     if (local_cookie == NULL || sent_cookie == NULL ||
 	strcmp(local_cookie, sent_cookie) != 0) {
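Review bot: `CONTENT_LENGTH` is parsed with `atoi`, which accepts trailing junk such as `12abc` and has no defined result on overflow. The body is then read with `Strfgets(stdin)`, which appears to read up to the next newline rather than the declared number of bytes, so the declared length is only an after-the-fact equality check and does not bound the read. I would parse with `strtol` and an end pointer, reject the request when `*end != '\0'` or the value does not fit in `int`, and add a comment at the read saying the body is expected to be a single url-encoded line. The same sequence is added to `main` in w3mbookmark.c. `main` continues below this hunk.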
@@ -178,8 +197,7 @@ main(int argc, char *argv[], char **envp)
     }
 
     mode = tag_get_value(cgiarg, "mode");
-    mailcapfile = Strnew_charp(expandPath(RC_DIR));
-    Strcat_charp(mailcapfile, "/mailcap");
+    mailcapfile = Strnew_charp(expandPath(USER_MAILCAP));
     if (mode && !strcmp(mode, "edit")) {
 	char *referer;
 	/* check if I can edit my mailcap */
@@ -198,4 +216,8 @@ main(int argc, char *argv[], char **envp)
 	printMailcapPanel(mailcapfile->ptr);
     }
     return 0;
+
+  request_err:
+    bye("Incomplete Request:", qs ? qs->ptr : "(null)");
+    exit(1);
 }
-- 
cgit v1.2.3