diff options
author | Andrew Bartlett <abartlet@samba.org> | 2003-12-25 09:37:41 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2003-12-25 09:37:41 +0000 |
commit | 8d54f5fe0c5689660f37788916b37014754ce23e (patch) | |
tree | 70a31e7c7e56cc57910ab6cc2ed906d4be13745c /source/web | |
parent | e0a026c9b561893e5534923b18ca748e6177090e (diff) | |
download | samba-8d54f5fe0c5689660f37788916b37014754ce23e.tar.gz samba-8d54f5fe0c5689660f37788916b37014754ce23e.tar.xz samba-8d54f5fe0c5689660f37788916b37014754ce23e.zip |
Fix bug 916 - do not perform a + -> space substitution for squid URL encoded
strings, only form input in SWAT.
Andrew Bartlett
Diffstat (limited to 'source/web')
-rw-r--r-- | source/web/cgi.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/source/web/cgi.c b/source/web/cgi.c index 07e3ee38fbf..8a103fa57f3 100644 --- a/source/web/cgi.c +++ b/source/web/cgi.c @@ -85,6 +85,20 @@ static char *grab_line(FILE *f, int *cl) return ret; } +/** + URL encoded strings can have a '+', which should be replaced with a space + + (This was in rfc1738_unescape(), but that broke the squid helper) +**/ + +void plus_to_space_unescape(char *buf) +{ + char *p=buf; + + while ((p=strchr_m(p,'+'))) + *p = ' '; +} + /*************************************************************************** load all the variables passed to the CGI program. May have multiple variables with the same name and the same or different values. Takes a file parameter @@ -130,7 +144,9 @@ void cgi_load_variables(void) !variables[num_variables].value) continue; + plus_to_space_unescape(variables[num_variables].value); rfc1738_unescape(variables[num_variables].value); + plus_to_space_unescape(variables[num_variables].name); rfc1738_unescape(variables[num_variables].name); #ifdef DEBUG_COMMENTS @@ -161,7 +177,9 @@ void cgi_load_variables(void) !variables[num_variables].value) continue; + plus_to_space_unescape(variables[num_variables].value); rfc1738_unescape(variables[num_variables].value); + plus_to_space_unescape(variables[num_variables].name); rfc1738_unescape(variables[num_variables].name); #ifdef DEBUG_COMMENTS |