mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-22 17:28:25 +01:00
URL path should be tokenized by / and then decoded (EJAB-786).
SVN Revision: 1679
This commit is contained in:
parent
9f110a6352
commit
91b328b7d5
@ -1,7 +1,8 @@
|
|||||||
2008-11-12 Badlop <badlop@process-one.net>
|
2008-11-12 Badlop <badlop@process-one.net>
|
||||||
|
|
||||||
* src/web/ejabberd_http.erl: Include recognized headers in
|
* src/web/ejabberd_http.erl: Include recognized headers in
|
||||||
request_headers as atoms, and others as strings (EJAB-778)
|
request_headers as atoms, and others as strings (EJAB-778).
|
||||||
|
URL path should be tokenized by / and then decoded (EJAB-786).
|
||||||
|
|
||||||
* doc/guide.tex: Improve legibility of mod_irc example config
|
* doc/guide.tex: Improve legibility of mod_irc example config
|
||||||
|
|
||||||
|
@ -327,13 +327,13 @@ process_request(#state{request_method = Method,
|
|||||||
{'EXIT', _} ->
|
{'EXIT', _} ->
|
||||||
process_request(false);
|
process_request(false);
|
||||||
{NPath, Query} ->
|
{NPath, Query} ->
|
||||||
|
LPath = [path_decode(NPE) || NPE <- string:tokens(NPath, "/")],
|
||||||
LQuery = case (catch parse_urlencoded(Query)) of
|
LQuery = case (catch parse_urlencoded(Query)) of
|
||||||
{'EXIT', _Reason} ->
|
{'EXIT', _Reason} ->
|
||||||
[];
|
[];
|
||||||
LQ ->
|
LQ ->
|
||||||
LQ
|
LQ
|
||||||
end,
|
end,
|
||||||
LPath = string:tokens(NPath, "/"),
|
|
||||||
{ok, IP} =
|
{ok, IP} =
|
||||||
case SockMod of
|
case SockMod of
|
||||||
gen_tcp ->
|
gen_tcp ->
|
||||||
@ -393,7 +393,7 @@ process_request(#state{request_method = Method,
|
|||||||
{'EXIT', _} ->
|
{'EXIT', _} ->
|
||||||
process_request(false);
|
process_request(false);
|
||||||
{NPath, _Query} ->
|
{NPath, _Query} ->
|
||||||
LPath = string:tokens(NPath, "/"),
|
LPath = [path_decode(NPE) || NPE <- string:tokens(NPath, "/")],
|
||||||
LQuery = case (catch parse_urlencoded(Data)) of
|
LQuery = case (catch parse_urlencoded(Data)) of
|
||||||
{'EXIT', _Reason} ->
|
{'EXIT', _Reason} ->
|
||||||
[];
|
[];
|
||||||
@ -599,17 +599,9 @@ crypt(S) when is_binary(S) ->
|
|||||||
% notice as well as this list of conditions.
|
% notice as well as this list of conditions.
|
||||||
|
|
||||||
|
|
||||||
%% url decode the path and return {Path, QueryPart}
|
%% @doc Split the URL and return {Path, QueryPart}
|
||||||
|
|
||||||
url_decode_q_split(Path) ->
|
url_decode_q_split(Path) ->
|
||||||
url_decode_q_split(Path, []).
|
url_decode_q_split(Path, []).
|
||||||
|
|
||||||
url_decode_q_split([$%, Hi, Lo | Tail], Ack) ->
|
|
||||||
Hex = hex_to_integer([Hi, Lo]),
|
|
||||||
if Hex == 0 -> exit(badurl);
|
|
||||||
true -> ok
|
|
||||||
end,
|
|
||||||
url_decode_q_split(Tail, [Hex|Ack]);
|
|
||||||
url_decode_q_split([$?|T], Ack) ->
|
url_decode_q_split([$?|T], Ack) ->
|
||||||
%% Don't decode the query string here, that is parsed separately.
|
%% Don't decode the query string here, that is parsed separately.
|
||||||
{path_norm_reverse(Ack), T};
|
{path_norm_reverse(Ack), T};
|
||||||
@ -618,6 +610,20 @@ url_decode_q_split([H|T], Ack) when H /= 0 ->
|
|||||||
url_decode_q_split([], Ack) ->
|
url_decode_q_split([], Ack) ->
|
||||||
{path_norm_reverse(Ack), []}.
|
{path_norm_reverse(Ack), []}.
|
||||||
|
|
||||||
|
%% @doc Decode a part of the URL and return string()
|
||||||
|
path_decode(Path) ->
|
||||||
|
path_decode(Path, []).
|
||||||
|
path_decode([$%, Hi, Lo | Tail], Ack) ->
|
||||||
|
Hex = hex_to_integer([Hi, Lo]),
|
||||||
|
if Hex == 0 -> exit(badurl);
|
||||||
|
true -> ok
|
||||||
|
end,
|
||||||
|
path_decode(Tail, [Hex|Ack]);
|
||||||
|
path_decode([H|T], Ack) when H /= 0 ->
|
||||||
|
path_decode(T, [H|Ack]);
|
||||||
|
path_decode([], Ack) ->
|
||||||
|
lists:reverse(Ack).
|
||||||
|
|
||||||
path_norm_reverse("/" ++ T) -> start_dir(0, "/", T);
|
path_norm_reverse("/" ++ T) -> start_dir(0, "/", T);
|
||||||
path_norm_reverse( T) -> start_dir(0, "", T).
|
path_norm_reverse( T) -> start_dir(0, "", T).
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user