diff options
| author |   tb <tb@openbsd.org> | 2019-05-08 21:46:56 +0000 |
|---|---|---|
| committer | tb <tb@openbsd.org> | 2019-05-08 21:46:56 +0000 |
| commit | fabb812f4d61702252401c8eb90791031fb68bbc (patch) | |
| tree | fa88c716d3bed5bf6f6e8247204fc02fefbb9b7f /usr.sbin/httpd | |
| parent | Set the REQUEST_URI CGI variable to the requested URI and query string (diff) | |
| download | wireguard-openbsd-fabb812f4d61702252401c8eb90791031fb68bbc.tar.xz wireguard-openbsd-fabb812f4d61702252401c8eb90791031fb68bbc.zip | |
The QUERY_STRING macro is not actually URL encoded, so fix the manual.
Add a QUERY_STRING_ENC macro that is URL encoded.
Patch from Tim Baumgartner
ok reyk
Diffstat (limited to 'usr.sbin/httpd')
| -rw-r--r-- | usr.sbin/httpd/httpd.conf.5 | 8 | ||||
| -rw-r--r-- | usr.sbin/httpd/server_http.c | 16 |
2 files changed, 19 insertions, 5 deletions
diff --git a/usr.sbin/httpd/httpd.conf.5 b/usr.sbin/httpd/httpd.conf.5 index 3290048e36c..f4ea2e55766 100644 --- a/usr.sbin/httpd/httpd.conf.5 +++ b/usr.sbin/httpd/httpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: httpd.conf.5,v 1.106 2019/05/03 17:16:27 tb Exp $ +.\" $OpenBSD: httpd.conf.5,v 1.107 2019/05/08 21:46:56 tb Exp $ .\" .\" Copyright (c) 2014, 2015 Reyk Floeter <reyk@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: May 3 2019 $ +.Dd $Mdocdate: May 8 2019 $ .Dt HTTPD.CONF 5 .Os .Sh NAME @@ -208,7 +208,9 @@ may contain predefined macros that will be expanded at runtime: .It Ic $DOCUMENT_URI The request path. .It Ic $QUERY_STRING -The URL encoded query string of the request. +The query string of the request. +.It Ic $QUERY_STRING_ENC +The URL-encoded query string of the request. .It Ic $REMOTE_ADDR The IP address of the connected client. .It Ic $REMOTE_PORT diff --git a/usr.sbin/httpd/server_http.c b/usr.sbin/httpd/server_http.c index 5a2a9072356..817588e2278 100644 --- a/usr.sbin/httpd/server_http.c +++ b/usr.sbin/httpd/server_http.c @@ -1,4 +1,4 @@ -/* $OpenBSD: server_http.c,v 1.132 2019/05/08 21:41:06 tb Exp $ */ +/* $OpenBSD: server_http.c,v 1.133 2019/05/08 21:46:56 tb Exp $ */ /* * Copyright (c) 2006 - 2018 Reyk Floeter <reyk@openbsd.org> @@ -1034,7 +1034,7 @@ server_expand_http(struct client *clt, const char *val, char *buf, { struct http_descriptor *desc = clt->clt_descreq; struct server_config *srv_conf = clt->clt_srv_conf; - char ibuf[128], *str, *path; + char ibuf[128], *str, *path, *query; const char *errstr = NULL, *p; size_t size; int n, ret; @@ -1074,6 +1074,18 @@ server_expand_http(struct client *clt, const char *val, char *buf, if (ret != 0) return (NULL); } + if (strstr(val, "$QUERY_STRING_ENC") != NULL) { + if (desc->http_query == NULL) { + ret = expand_string(buf, len, "$QUERY_STRING_ENC", ""); + } else { + if ((query = url_encode(desc->http_query)) == NULL) + return (NULL); + ret = expand_string(buf, len, "$QUERY_STRING_ENC", query); + free(query); + } + if (ret != 0) + return (NULL); + } if (strstr(val, "$QUERY_STRING") != NULL) { if (desc->http_query == NULL) { ret = expand_string(buf, len, "$QUERY_STRING", ""); |