From 549ee1cc09be5bbdc613649eb9be3ebc122c0331 Mon Sep 17 00:00:00 2001 From: Fumitoshi UKAI Date: Wed, 15 Jan 2003 17:13:21 +0000 Subject: [w3m-dev 03644] Re: Other user can see local cookie. * cookie.c (save_cookies): return if no_rc_dir * etc.c (tmpf_base): add cookie (tmpfname): use tmp_dir instead of rc_dir * file.c (loadGeneralFile): cookie is not passed via URL * fm.h (TMPF_COOKIE): incl (MAX_TMPF_TYPE): incl (no_rc_dir): added (tmp_dir): added (config_file): added * local.c (Local_cookie_file): added (writeLocalCookie): added (setLocalCookie): dont set environment LOCAL_COOKIE (localcgi_post): writeLocalCookie (localcgi_get): writeLocalCookie * main.c (config_filename): deleted (cmd_loadURL): arg FormList (main): rewrite config_file, rc (ldhelp): no cookie in URL (cmd_loadURL): arg FormList (goURL0): cmd_loadURL change (cmd_loadBuffer): cmd_loadURL change (adBmark): cookie is posted (follow_map): cmd_loadURL change (linkMn): cmd_loadURL change (reinit): init_rc change * proto.h (create_option_search_table): deleted (init_rc): no args * rc.c (create_option_search_table): static (init_rc): no args rewrite (optionpanel_src1): rewrite (load_option_panel): html_quote (panel_set_option): no_rc_dir * w3mbookmark.c: rewrite * w3mhelperpanel.c: rewrite * scripts/dirlist.cgi.in: rewrite * scripts/w3mhelp.cgi.in: rewrite * scripts/w3mmail.cgi.in: rewrite * scripts/multipart/multipart.cgi.in: rewrite From: Hironori SAKAMOTO --- ChangeLog | 45 +++++++++++++- cookie.c | 4 +- etc.c | 6 +- file.c | 8 +-- fm.h | 9 ++- local.c | 24 +++++++- main.c | 61 +++++++++---------- proto.h | 5 +- rc.c | 70 +++++++++++++-------- scripts/dirlist.cgi.in | 61 ++++++++----------- scripts/multipart/multipart.cgi.in | 25 ++------ scripts/w3mhelp.cgi.in | 18 +----- scripts/w3mmail.cgi.in | 33 ++++++---- w3mbookmark.c | 121 +++++++++++++++++++++---------------- w3mhelperpanel.c | 74 +++++++++++++++-------- 15 files changed, 327 insertions(+), 237 deletions(-) diff --git a/ChangeLog b/ChangeLog index 7eed7ef..4646b5e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,46 @@ +2003-01-16 Hironori SAKAMOTO + + * [w3m-dev 03644] Re: Other user can see local cookie. + * cookie.c (save_cookies): return if no_rc_dir + * etc.c (tmpf_base): add cookie + (tmpfname): use tmp_dir instead of rc_dir + * file.c (loadGeneralFile): cookie is not passed via URL + * fm.h (TMPF_COOKIE): incl + (MAX_TMPF_TYPE): incl + (no_rc_dir): added + (tmp_dir): added + (config_file): added + * local.c (Local_cookie_file): added + (writeLocalCookie): added + (setLocalCookie): dont set environment LOCAL_COOKIE + (localcgi_post): writeLocalCookie + (localcgi_get): writeLocalCookie + * main.c (config_filename): deleted + (cmd_loadURL): arg FormList + (main): rewrite config_file, rc + (ldhelp): no cookie in URL + (cmd_loadURL): arg FormList + (goURL0): cmd_loadURL change + (cmd_loadBuffer): cmd_loadURL change + (adBmark): cookie is posted + (follow_map): cmd_loadURL change + (linkMn): cmd_loadURL change + (reinit): init_rc change + * proto.h (create_option_search_table): deleted + (init_rc): no args + * rc.c (create_option_search_table): static + (init_rc): no args + rewrite + (optionpanel_src1): rewrite + (load_option_panel): html_quote + (panel_set_option): no_rc_dir + * w3mbookmark.c: rewrite + * w3mhelperpanel.c: rewrite + * scripts/dirlist.cgi.in: rewrite + * scripts/w3mhelp.cgi.in: rewrite + * scripts/w3mmail.cgi.in: rewrite + * scripts/multipart/multipart.cgi.in: rewrite + 2003-01-16 Fumitoshi UKAI * file.c (loadGopherDir): convertLine RAW_MODE @@ -6476,4 +6519,4 @@ a * [w3m-dev 03276] compile error on EWS4800 * release-0-2-1 * import w3m-0.2.1 -$Id: ChangeLog,v 1.684 2003/01/15 16:24:25 ukai Exp $ +$Id: ChangeLog,v 1.685 2003/01/15 17:13:21 ukai Exp $ diff --git a/cookie.c b/cookie.c index 583cd35..4c8bb47 100644 --- a/cookie.c +++ b/cookie.c @@ -1,4 +1,4 @@ -/* $Id: cookie.c,v 1.7 2002/01/10 15:39:21 ukai Exp $ */ +/* $Id: cookie.c,v 1.8 2003/01/15 17:13:21 ukai Exp $ */ /* * References for version 0 cookie: @@ -417,7 +417,7 @@ save_cookies(void) check_expired_cookies(); - if (!First_cookie || is_saved || rc_dir_is_tmp) + if (!First_cookie || is_saved || no_rc_dir) return; cookie_file = rcFile(COOKIE_FILE); diff --git a/etc.c b/etc.c index d5ecaeb..886cb1d 100644 --- a/etc.c +++ b/etc.c @@ -1,4 +1,4 @@ -/* $Id: etc.c,v 1.48 2003/01/15 16:11:43 ukai Exp $ */ +/* $Id: etc.c,v 1.49 2003/01/15 17:13:21 ukai Exp $ */ #include "fm.h" #include #include "myctype.h" @@ -1503,7 +1503,7 @@ file_to_url(char *file) } static char *tmpf_base[MAX_TMPF_TYPE] = { - "tmp", "src", "frame", "cache" + "tmp", "src", "frame", "cache", "cookie", }; static unsigned int tmpf_seq[MAX_TMPF_TYPE]; @@ -1512,7 +1512,7 @@ tmpfname(int type, char *ext) { Str tmpf; tmpf = Sprintf("%s/w3m%s%d-%d%s", - rc_dir, + tmp_dir, tmpf_base[type], CurrentPid, tmpf_seq[type]++, (ext) ? ext : ""); pushText(fileToDelete, tmpf->ptr); diff --git a/file.c b/file.c index b5829e8..3634ce4 100644 --- a/file.c +++ b/file.c @@ -1,4 +1,4 @@ -/* $Id: file.c,v 1.186 2003/01/15 16:24:25 ukai Exp $ */ +/* $Id: file.c,v 1.187 2003/01/15 17:13:21 ukai Exp $ */ #include "fm.h" #include #include "myctype.h" @@ -1550,10 +1550,8 @@ loadGeneralFile(char *path, ParsedURL *volatile current, char *referer, return NULL; if (S_ISDIR(st.st_mode)) { if (UseExternalDirBuffer) { - Str cmd = Sprintf("%s?cookie=%s&dir=%s#current", - DirBufferCommand, - (Str_form_quote(Local_cookie))->ptr, - pu.file); + Str cmd = Sprintf("%s?dir=%s#current", + DirBufferCommand, pu.file); b = loadGeneralFile(cmd->ptr, NULL, NO_REFERER, 0, NULL); if (b != NULL && b != NO_BUFFER) { diff --git a/fm.h b/fm.h index 526806e..8e4e8fd 100644 --- a/fm.h +++ b/fm.h @@ -1,4 +1,4 @@ -/* $Id: fm.h,v 1.102 2003/01/10 16:42:40 ukai Exp $ */ +/* $Id: fm.h,v 1.103 2003/01/15 17:13:22 ukai Exp $ */ /* * w3m: WWW wo Miru utility * @@ -742,7 +742,8 @@ typedef struct http_request { #define TMPF_SRC 1 #define TMPF_FRAME 2 #define TMPF_CACHE 3 -#define MAX_TMPF_TYPE 4 +#define TMPF_COOKIE 4 +#define MAX_TMPF_TYPE 5 #define set_no_proxy(domains) (NO_proxy_domains=make_domain_list(domains)) @@ -1017,8 +1018,10 @@ global char UseGraphicChar init(TRUE); extern char alt_rule[]; #endif /* not KANJI_SYMBOLS */ extern char UseAltEntity; +global int no_rc_dir init(FALSE); global char *rc_dir; -global int rc_dir_is_tmp init(FALSE); +global char *tmp_dir; +global char *config_file init(NULL); #ifdef USE_MOUSE global int use_mouse init(TRUE); diff --git a/local.c b/local.c index 445d1c1..a0d8c26 100644 --- a/local.c +++ b/local.c @@ -1,4 +1,4 @@ -/* $Id: local.c,v 1.20 2003/01/15 16:24:25 ukai Exp $ */ +/* $Id: local.c,v 1.21 2003/01/15 17:13:22 ukai Exp $ */ #include "fm.h" #include #include @@ -23,6 +23,25 @@ #define CGIFN_CONTAIN_SLASH 4 +static char *Local_cookie_file = NULL; + +static void +writeLocalCookie() +{ + FILE *f; + + if (no_rc_dir) + return; + Local_cookie_file = tmpfname(TMPF_COOKIE, NULL)->ptr; + set_environ("LOCAL_COOKIE_FILE", Local_cookie_file); + f = fopen(Local_cookie_file, "wb"); + if (!f) + return; + fwrite(Local_cookie->ptr, sizeof(char), Local_cookie->length, f); + fclose(f); + chmod(Local_cookie_file, S_IRUSR | S_IWUSR); +} + /* setup cookie for local CGI */ void setLocalCookie() @@ -31,7 +50,6 @@ setLocalCookie() gethostname(hostname, 256); Local_cookie = Sprintf("%d.%ld@%s", CurrentPid, lrand48(), hostname); - set_environ("LOCAL_COOKIE", Local_cookie->ptr); } Str @@ -395,6 +413,7 @@ localcgi_post(char *uri, char *qstr, FormList *request, char *referer) file = cgi_filename(uri, &status); if (check_local_cgi(file, status) < 0) return NULL; + writeLocalCookie(); tmp1 = tmpfname(TMPF_DFL, NULL); if ((pid = localcgi_popen_r(&f)) < 0) return NULL; @@ -459,6 +478,7 @@ localcgi_get(char *uri, char *request, char *referer) file = cgi_filename(uri, &status); if (check_local_cgi(file, status) < 0) return NULL; + writeLocalCookie(); if ((pid = localcgi_popen_r(&f)) < 0) return NULL; else if (pid) diff --git a/main.c b/main.c index f6e71ef..83a1198 100644 --- a/main.c +++ b/main.c @@ -1,4 +1,4 @@ -/* $Id: main.c,v 1.193 2003/01/15 16:24:25 ukai Exp $ */ +/* $Id: main.c,v 1.194 2003/01/15 17:13:22 ukai Exp $ */ #define MAINPROGRAM #include "fm.h" #include @@ -26,8 +26,6 @@ extern int do_getch(); #define DSTR_LEN 256 -static char *config_filename = NULL; - Hist *LoadHist; Hist *SaveHist; Hist *URLHist; @@ -71,7 +69,8 @@ JMP_BUF IntReturn; static void delBuffer(Buffer *buf); static void cmd_loadfile(char *path); -static void cmd_loadURL(char *url, ParsedURL *current, char *referer); +static void cmd_loadURL(char *url, ParsedURL *current, char *referer, + FormList *request); static void cmd_loadBuffer(Buffer *buf, int prop, int linkid); static void keyPressEventProc(int c); int show_params_p = 0; @@ -383,12 +382,7 @@ main(int argc, char **argv, char **envp) CurrentDir = currentdir(); CurrentPid = (int)getpid(); BookmarkFile = NULL; - rc_dir = expandName(RC_DIR); - i = strlen(rc_dir); - if (i > 1 && rc_dir[i - 1] == '/') - rc_dir[i - 1] = '\0'; - config_filename = rcFile(CONFIG_FILE); - create_option_search_table(); + config_file = NULL; /* argument search 1 */ for (i = 1; i < argc; i++) { @@ -397,7 +391,7 @@ main(int argc, char **argv, char **envp) argv[i] = "-dummy"; if (++i >= argc) usage(); - config_filename = argv[i]; + config_file = argv[i]; argv[i] = "-dummy"; } else if (!strcmp("-h", argv[i]) || !strcmp("-help", argv[i])) @@ -410,7 +404,7 @@ main(int argc, char **argv, char **envp) } /* initializations */ - init_rc(config_filename); + init_rc(); LoadHist = newHist(); SaveHist = newHist(); @@ -2007,17 +2001,16 @@ ldhelp(void) #ifdef USE_HELP_CGI char *lang; int n; + Str tmp; lang = AcceptLang; n = strcspn(lang, ";, \t"); - cmd_loadURL(Sprintf("file:///$LIB/" HELP_CGI CGI_EXTENSION - "?cookie=%s&version=%s&lang=%s", - Str_form_quote(Local_cookie)->ptr, - Str_form_quote(Strnew_charp(w3m_version))->ptr, - Str_form_quote(Strnew_charp_n(lang, n))->ptr)->ptr, - NULL, NO_REFERER); + tmp = Sprintf("file:///$LIB/" HELP_CGI CGI_EXTENSION "?version=%s&lang=%s", + Str_form_quote(Strnew_charp(w3m_version))->ptr, + Str_form_quote(Strnew_charp_n(lang, n))->ptr); + cmd_loadURL(tmp->ptr, NULL, NO_REFERER, NULL); #else - cmd_loadURL(helpFile(HELP_FILE), NULL, NO_REFERER); + cmd_loadURL(helpFile(HELP_FILE), NULL, NO_REFERER, NULL); #endif } @@ -3813,7 +3806,7 @@ deletePrevBuf() } static void -cmd_loadURL(char *url, ParsedURL *current, char *referer) +cmd_loadURL(char *url, ParsedURL *current, char *referer, FormList *request) { Buffer *buf; @@ -3850,7 +3843,7 @@ cmd_loadURL(char *url, ParsedURL *current, char *referer) #endif /* USE_NNTP */ refresh(); - buf = loadGeneralFile(url, current, referer, 0, NULL); + buf = loadGeneralFile(url, current, referer, 0, request); if (buf == NULL) { char *emsg = Sprintf("Can't load %s", conv_from_system(url))->ptr; disp_err_message(emsg, FALSE); @@ -3925,7 +3918,7 @@ goURL0(char *prompt, int relative) } parseURL2(url, &p_url, current); pushHashHist(URLHist, parsedURL2Str(&p_url)->ptr); - cmd_loadURL(url, current, referer); + cmd_loadURL(url, current, referer, NULL); if (Currentbuf != cur_buf) /* success */ pushHashHist(URLHist, parsedURL2Str(&Currentbuf->currentURL)->ptr); } @@ -3965,7 +3958,7 @@ cmd_loadBuffer(Buffer *buf, int prop, int linkid) void ldBmark(void) { - cmd_loadURL(BookmarkFile, NULL, NO_REFERER); + cmd_loadURL(BookmarkFile, NULL, NO_REFERER, NULL); } @@ -3974,15 +3967,19 @@ void adBmark(void) { Str tmp; + FormList *request; - tmp = Sprintf("file://%s/" W3MBOOKMARK_CMDNAME - "?mode=panel&cookie=%s&bmark=%s&url=%s&title=%s", - w3m_lib_dir(), (Str_form_quote(Local_cookie))->ptr, + tmp = Sprintf("mode=panel&cookie=%s&bmark=%s&url=%s&title=%s", + (Str_form_quote(Local_cookie))->ptr, (Str_form_quote(Strnew_charp(BookmarkFile)))->ptr, (Str_form_quote(parsedURL2Str(&Currentbuf->currentURL)))-> ptr, (Str_form_quote(Strnew_charp(Currentbuf->buffername)))->ptr); - cmd_loadURL(tmp->ptr, NULL, NO_REFERER); + request = newFormList(NULL, "post", NULL, NULL, NULL, NULL, NULL); + request->body = tmp->ptr; + request->length = tmp->length; + cmd_loadURL("file:///$LIB/" W3MBOOKMARK_CMDNAME, NULL, NO_REFERER, + request); } /* option setting */ @@ -4086,7 +4083,7 @@ follow_map(struct parsed_tagarg *arg) _newT(); buf = Currentbuf; cmd_loadURL(a->url, baseURL(Currentbuf), - parsedURL2Str(&Currentbuf->currentURL)->ptr); + parsedURL2Str(&Currentbuf->currentURL)->ptr, NULL); if (buf != Currentbuf) delBuffer(buf); else @@ -4095,7 +4092,7 @@ follow_map(struct parsed_tagarg *arg) return; } cmd_loadURL(a->url, baseURL(Currentbuf), - parsedURL2Str(&Currentbuf->currentURL)->ptr); + parsedURL2Str(&Currentbuf->currentURL)->ptr, NULL); #endif } @@ -4116,7 +4113,7 @@ linkMn(void) parseURL2(l->url, &p_url, baseURL(Currentbuf)); pushHashHist(URLHist, parsedURL2Str(&p_url)->ptr); cmd_loadURL(l->url, baseURL(Currentbuf), - parsedURL2Str(&Currentbuf->currentURL)->ptr); + parsedURL2Str(&Currentbuf->currentURL)->ptr, NULL); } static void @@ -5621,7 +5618,7 @@ reinit() char *resource = searchKeyData(); if (resource == NULL) { - init_rc(config_filename); + init_rc(); sync_with_option(); #ifdef USE_COOKIE initCookie(); @@ -5631,7 +5628,7 @@ reinit() } if (!strcasecmp(resource, "CONFIG") || !strcasecmp(resource, "RC")) { - init_rc(config_filename); + init_rc(); sync_with_option(); displayBuffer(Currentbuf, B_REDRAW_IMAGE); return; diff --git a/proto.h b/proto.h index c2ea361..65d32fc 100644 --- a/proto.h +++ b/proto.h @@ -1,4 +1,4 @@ -/* $Id: proto.h,v 1.78 2003/01/15 16:11:43 ukai Exp $ */ +/* $Id: proto.h,v 1.79 2003/01/15 17:13:22 ukai Exp $ */ /* * This file was automatically generated by version 1.7 of cextract. * Manual editing not recommended. @@ -561,8 +561,7 @@ extern Str decodeMIME(char *orgstr); extern Str encodeB(char *a); extern int set_param_option(char *option); extern char *get_param_option(char *name); -extern void create_option_search_table(); -extern void init_rc(char *config_filename); +extern void init_rc(void); extern Buffer *load_option_panel(void); extern void panel_set_option(struct parsed_tagarg *); extern void sync_with_option(void); diff --git a/rc.c b/rc.c index 103c02e..3215c31 100644 --- a/rc.c +++ b/rc.c @@ -1,4 +1,4 @@ -/* $Id: rc.c,v 1.74 2002/12/27 16:07:44 ukai Exp $ */ +/* $Id: rc.c,v 1.75 2003/01/15 17:13:22 ukai Exp $ */ /* * Initialization file etc. */ @@ -847,7 +847,7 @@ compare_table(struct rc_search_table *a, struct rc_search_table *b) return strcmp(a->param->name, b->param->name); } -void +static void create_option_search_table() { int i, j, k; @@ -1366,24 +1366,25 @@ sync_with_option(void) } void -init_rc(char *config_filename) +init_rc(void) { + int i; struct stat st; FILE *f; - char *tmpdir; - if (((tmpdir = getenv("TMP")) == NULL || *tmpdir == '\0') - && ((tmpdir = getenv("TEMP")) == NULL || *tmpdir == '\0') - && ((tmpdir = getenv("TMPDIR")) == NULL || *tmpdir == '\0')) - tmpdir = "/tmp"; + if (config_file != NULL) + goto open_rc; + + rc_dir = expandName(RC_DIR); + i = strlen(rc_dir); + if (i > 1 && rc_dir[i - 1] == '/') + rc_dir[i - 1] = '\0'; if (stat(rc_dir, &st) < 0) { if (errno == ENOENT) { /* no directory */ if (do_mkdir(rc_dir, 0700) < 0) { fprintf(stderr, "Can't create config directory (%s)!", rc_dir); - rc_dir = tmpdir; - rc_dir_is_tmp = TRUE; - return; + goto rc_dir_err; } else { stat(rc_dir, &st); @@ -1391,37 +1392,56 @@ init_rc(char *config_filename) } else { fprintf(stderr, "Can't open config directory (%s)!", rc_dir); - rc_dir = tmpdir; - rc_dir_is_tmp = TRUE; - return; + goto rc_dir_err; } } if (!S_ISDIR(st.st_mode)) { /* not a directory */ fprintf(stderr, "%s is not a directory!", rc_dir); - rc_dir = tmpdir; - rc_dir_is_tmp = TRUE; - return; + goto rc_dir_err; } + if (!(st.st_mode & S_IWUSR)) { + fprintf(stderr, "%s is not writable!", rc_dir); + goto rc_dir_err; + } + no_rc_dir = FALSE; + tmp_dir = rc_dir; + + if (config_file == NULL) + config_file = rcFile(CONFIG_FILE); + + create_option_search_table(); + open_rc: /* open config file */ if ((f = fopen(etcFile(W3MCONFIG), "rt")) != NULL) { interpret_rc(f); fclose(f); } - config_file = config_filename; - if (config_file == NULL) - config_file = rcFile(CONFIG_FILE); if ((f = fopen(config_file, "rt")) != NULL) { interpret_rc(f); fclose(f); } + return; + + rc_dir_err: + no_rc_dir = TRUE; + if (((tmp_dir = getenv("TMPDIR")) == NULL || *tmp_dir == '\0') && + ((tmp_dir = getenv("TMP")) == NULL || *tmp_dir == '\0') && + ((tmp_dir = getenv("TEMP")) == NULL || *tmp_dir == '\0')) + tmp_dir = "/tmp"; } static char optionpanel_src1[] = - "Option Setting Panel\ -
Option Setting Panel
(w3m version %s)

\n" "%s\n" "

"; + "Option Setting Panel\ +

Option Setting Panel
(w3m version %s)

\ +\ +\ +\ +\ +

\ +
"; static Str to_str(struct param_ptr *p) @@ -1458,8 +1478,8 @@ to_str(struct param_ptr *p) Buffer * load_option_panel(void) { - Str src = Sprintf(optionpanel_src1, w3m_version, - (Str_form_quote(Local_cookie))->ptr, CMT_HELPER); + Str src = Sprintf(optionpanel_src1, html_quote(w3m_version), + html_quote(Local_cookie->ptr), CMT_HELPER); struct param_ptr *p; struct sel_c *s; int x, i; @@ -1530,7 +1550,7 @@ panel_set_option(struct parsed_tagarg *arg) { FILE *f = NULL; - if (rc_dir_is_tmp) { + if (no_rc_dir) { disp_message("There's no ~/.w3m directory... config not saved", FALSE); } else { diff --git a/scripts/dirlist.cgi.in b/scripts/dirlist.cgi.in index 9bed644..2949ebe 100755 --- a/scripts/dirlist.cgi.in +++ b/scripts/dirlist.cgi.in @@ -33,15 +33,16 @@ $query = $ENV{'QUERY_STRING'}; $dir = ''; $cmd = ''; $cookie = ''; -# $cgi = 0; -# if ($query eq '') { -# $_ = `pwd`; # insecure? -# chop; -# s/\r$//; -# $dir = $_; -# $cgi = 0; -# } elsif ($query =~ /^(opt\d+|dir|cmd|cookie)=/) { - foreach(split(/\&/, $query)) { +$local_cookie = ''; +foreach(split(/\&/, $query)) { + if (s/^dir=//) { + $dir = &form_decode($_); + } +} +$body = undef; +if ($ENV{'REQUEST_METHOD'} eq 'POST') { + sysread(STDIN, $body, $ENV{'CONTENT_LENGTH'}); + foreach(split(/\&/, $body)) { if (s/^dir=//) { $dir = &form_decode($_); } elsif (s/^opt(\d+)=//) { @@ -52,27 +53,22 @@ $cookie = ''; $cookie = &form_decode($_); } } - if (($cookie eq "") || ($cookie ne $ENV{"LOCAL_COOKIE"})) { - print <; + close(F); +} +if ($local_cookie eq '' || (defined($body) && $cookie ne $local_cookie)) { + print < 0) && print < +
- +
EOF foreach(0 .. 2) { @@ -433,7 +424,7 @@ EOF
- + EOF } diff --git a/scripts/multipart/multipart.cgi.in b/scripts/multipart/multipart.cgi.in index d51a521..1dd981a 100644 --- a/scripts/multipart/multipart.cgi.in +++ b/scripts/multipart/multipart.cgi.in @@ -28,24 +28,14 @@ if (defined($query)) { } $file = &form_decode($v{'file'}); $boundary = &form_decode($v{'boundary'}); - $cookie = &form_decode($v{'cookie'}); - if (($cookie eq "") || ($cookie ne $ENV{"LOCAL_COOKIE"})) { - print <= 2) { $boundary = $ARGV[1]; } - $cookie = $ENV{'LOCAL_COOKIE'}; } - -open(F, "< $file"); +(-f $file) || exit(1); +open(F, "< $file") || exit(1); $end = 0; $mbody = ''; if (defined($boundary)) { @@ -131,7 +121,6 @@ if (defined($v{'count'})) { $qcgi = &html_quote($CGI); $qfile = &html_quote($file); $qboundary = &html_quote($boundary); -$qcookie = &html_quote($cookie); if ($mbody =~ /\S/) { $_ = $mbody; @@ -196,20 +185,16 @@ while(! $end) { s/\>/\>/g; print "
\n";
 		print $_;
-		print "\n
\n"; + print "\n"; if ($type =~ /name=\"?([^\"]+)\"?/ || $dispos =~ /filename=\"?([^\"]+)\"?/) { $name = $1; } else { $name = "Content"; } - print "
\n"; - print "\n"; - print "\n"; - print "\n"; - print "\n"; + print "\n"; if ($image) { - print "\n"; } else { print "; + close(F); +} if ($query =~ s/^\w+://) { $url = $query; $qurl = &html_quote($url); @@ -43,8 +49,9 @@ if ($query =~ s/^\w+://) { print "\r\n"; print "W3M Mailer: $qurl\n"; print "

W3M Mailer: $qurl

\n"; - print "\n"; - print "\n"; + print "\n"; + $local_cookie = &html_quote($local_cookie); + print "\n"; print "\n"; foreach $h ('from', 'to', 'cc', 'bcc', 'subject') { $v = &lang_html_quote($opt{$h}); @@ -52,6 +59,7 @@ if ($query =~ s/^\w+://) { delete $opt{$h}; } if ($boundary) { + $boundary = &html_quote($boundary); print "
Content-Type:multipart/form-data; boundary=\"$boundary\"\n"; print "\n"; } @@ -98,8 +106,9 @@ if ($query =~ s/^\w+://) { print "W3M Mailer\n"; print "\n"; print "

W3M Mailer: preview

\n"; - print "\n"; - print "\n"; + print "\n"; + $local_cookie = &html_quote($local_cookie); + print "\n"; print "
\n"; print "
\n";
 	foreach $h (keys %opt) {
@@ -112,13 +121,15 @@ if ($query =~ s/^\w+://) {
 	($cs,$cte,$body) = &lang_body(&lang_html_quote($body), 0);
 	print "Mime-Version: 1.0\n";
 	if ($boundary) {
+	    $boundary = &html_quote($boundary);
 	    print "Content-Type: multipart/form-data;\n";
 	    print "    boundary=\"$boundary\"\n";
 	} else {
 	    print "Content-Type: text/plain; charset=$cs\n";
 	}
 #	print "Content-Transfer-Encoding: $cte\n";
-	print "User-Agent: $ENV{'SERVER_SOFTWARE'} $prog/$id\n";
+	print "User-Agent: ", &html_quote("$ENV{'SERVER_SOFTWARE'} $prog/$id"),
+		"\n";
 	print "\n";
 	print $body;
 	print "\n" if ($body !~ /\n$/);
@@ -137,10 +148,10 @@ if ($query =~ s/^\w+://) {
 	foreach $h (keys %opt) {
 	    $qh = &html_quote($h);
 	    print "
\u$qh:$v{$h}\n"; - print "\n"; + print "\n"; } print "
\n"; - print "