From 549ee1cc09be5bbdc613649eb9be3ebc122c0331 Mon Sep 17 00:00:00 2001
From: Fumitoshi UKAI <ukai@debian.or.jp>
Date: Wed, 15 Jan 2003 17:13:21 +0000
Subject: [w3m-dev 03644] Re: Other user can see local cookie. * cookie.c
 (save_cookies): return if no_rc_dir * etc.c (tmpf_base): add cookie 
 (tmpfname): use tmp_dir instead of rc_dir * file.c (loadGeneralFile): cookie
 is not passed via URL * fm.h (TMPF_COOKIE): incl 	(MAX_TMPF_TYPE): incl 
 (no_rc_dir): added 	(tmp_dir): added 	(config_file): added * local.c
 (Local_cookie_file): added 	(writeLocalCookie): added 
 (setLocalCookie): dont set environment LOCAL_COOKIE 	(localcgi_post):
 writeLocalCookie 	(localcgi_get): writeLocalCookie * main.c
 (config_filename): deleted 	(cmd_loadURL): arg FormList 	(main):
 rewrite config_file, rc 	(ldhelp): no cookie in URL 	(cmd_loadURL):
 arg FormList 	(goURL0): cmd_loadURL change 	(cmd_loadBuffer): cmd_loadURL
 change 	(adBmark): cookie is posted 	(follow_map): cmd_loadURL
 change 	(linkMn): cmd_loadURL change 	(reinit): init_rc change *
 proto.h (create_option_search_table): deleted 	(init_rc): no args * rc.c
 (create_option_search_table): static 	(init_rc): no args 	
 rewrite 	(optionpanel_src1): rewrite 	(load_option_panel):
 html_quote 	(panel_set_option): no_rc_dir * w3mbookmark.c: rewrite *
 w3mhelperpanel.c: rewrite * scripts/dirlist.cgi.in: rewrite *
 scripts/w3mhelp.cgi.in: rewrite * scripts/w3mmail.cgi.in: rewrite *
 scripts/multipart/multipart.cgi.in: rewrite From: Hironori SAKAMOTO
 <hsaka@mth.biglobe.ne.jp>

---
 scripts/multipart/multipart.cgi.in | 25 +++++--------------------
 1 file changed, 5 insertions(+), 20 deletions(-)

(limited to 'scripts/multipart')

diff --git a/scripts/multipart/multipart.cgi.in b/scripts/multipart/multipart.cgi.in
index d51a521..1dd981a 100644
--- a/scripts/multipart/multipart.cgi.in
+++ b/scripts/multipart/multipart.cgi.in
@@ -28,24 +28,14 @@ if (defined($query)) {
 	}
 	$file = &form_decode($v{'file'});
 	$boundary = &form_decode($v{'boundary'});
-	$cookie = &form_decode($v{'cookie'});
-	if (($cookie eq "") || ($cookie ne $ENV{"LOCAL_COOKIE"})) {
-		print <<EOF;
-Content-Type: text/plain
-
-Local cookie doesn't match: It may be an illegal execution
-EOF
-		exit(1);
-	}
 } else {
 	$file = $ARGV[0];
 	if (@ARGV >= 2) {
 		$boundary = $ARGV[1];
 	}
-	$cookie = $ENV{'LOCAL_COOKIE'};
 }
-
-open(F, "< $file");
+(-f $file) || exit(1);
+open(F, "< $file") || exit(1);
 $end = 0;
 $mbody = '';
 if (defined($boundary)) {
@@ -131,7 +121,6 @@ if (defined($v{'count'})) {
 $qcgi = &html_quote($CGI);
 $qfile = &html_quote($file);
 $qboundary = &html_quote($boundary);
-$qcookie = &html_quote($cookie);
 
 if ($mbody =~ /\S/) {
 	$_ = $mbody;
@@ -196,20 +185,16 @@ while(! $end) {
 		s/\>/\&gt;/g;
 		print "<pre>\n";
 		print $_;
-		print "\n</pre>\n";
+		print "</pre>\n";
 		if ($type =~ /name=\"?([^\"]+)\"?/ ||
 			$dispos =~ /filename=\"?([^\"]+)\"?/) {
 			$name = $1;
 		} else {
 			$name = "Content";
 		}
-		print "<form method=POST action=\"$qcgi?$count\">\n";
-		print "<input type=hidden name=file value=\"$qfile\">\n";
-		print "<input type=hidden name=boundary value=\"$qboundary\">\n";
-		print "<input type=hidden name=cookie value=\"$qcookie\">\n";
-		print "<input type=hidden name=count value=\"$count\">\n";
+		print "<form action=\"$qcgi?file=$qfile&amp;boundary=$qboundary&amp;count=$count\">\n";
 		if ($image) {
-			print "<input type=image name=submit src=\"$CGI?file=$qfile&amp;boundary=$qboundary&amp;cookie=$qcookie&amp;count=$count\" alt=\"",
+			print "<input type=image name=submit src=\"$qcgi?file=$qfile&amp;boundary=$qboundary&amp;count=$count\" alt=\"",
 				&html_quote($name), "\">\n";
 		} else {
 			print "<input type=submit name=submit value=\"",
-- 
cgit v1.2.3