Fix bug 916 - do not perform a + -> space substitution for squid URL encoded

author Andrew Bartlett <abartlet@samba.org>

Thu, 25 Dec 2003 09:37:41 +0000 (09:37 +0000)

committer Andrew Bartlett <abartlet@samba.org>

Thu, 25 Dec 2003 09:37:41 +0000 (09:37 +0000)
author Andrew Bartlett <abartlet@samba.org>
Thu, 25 Dec 2003 09:37:41 +0000 (09:37 +0000)
committer Andrew Bartlett <abartlet@samba.org>
Thu, 25 Dec 2003 09:37:41 +0000 (09:37 +0000)
diff --git a/source/lib/util_str.c b/source/lib/util_str.c

index 2928584b8afe3d9cb868d73179b09ad07304735a..f9923bd325537a726e889856b486a0f0b99fc2d8 100644 (file)
--- a/source/lib/util_str.c
+++ b/source/lib/util_str.c
@@ -1780,11 +1780,6 @@ void rfc1738_unescape(char *buf)
  {
         char *p=buf;
  
-       while ((p=strchr_m(p,'+')))
-               *p = ' ';
-
-       p = buf;
-
         while (p && *p && (p=strchr_m(p,'%'))) {
                 int c1 = p[1];
                 int c2 = p[2];
diff --git a/source/web/cgi.c b/source/web/cgi.c

index 07e3ee38fbf68b49dafd16203cd25244adbbc441..8a103fa57f39cb9b2a1ef09eabca5c5fbcc7d52c 100644 (file)
--- a/source/web/cgi.c
+++ b/source/web/cgi.c
@@ -85,6 +85,20 @@ static char *grab_line(FILE *f, int *cl)
         return ret;
  }
  
+/**
+ URL encoded strings can have a '+', which should be replaced with a space
+
+ (This was in rfc1738_unescape(), but that broke the squid helper)
+**/
+
+void plus_to_space_unescape(char *buf)
+{
+       char *p=buf;
+
+       while ((p=strchr_m(p,'+')))
+               *p = ' ';
+}
+
  /***************************************************************************
    load all the variables passed to the CGI program. May have multiple variables
    with the same name and the same or different values. Takes a file parameter
@@ -130,7 +144,9 @@ void cgi_load_variables(void)
                             !variables[num_variables].value)
                                 continue;
  
+                       plus_to_space_unescape(variables[num_variables].value);
                         rfc1738_unescape(variables[num_variables].value);
+                       plus_to_space_unescape(variables[num_variables].name);
                         rfc1738_unescape(variables[num_variables].name);
  
  #ifdef DEBUG_COMMENTS
@@ -161,7 +177,9 @@ void cgi_load_variables(void)
                             !variables[num_variables].value)
                                 continue;
  
+                       plus_to_space_unescape(variables[num_variables].value);
                         rfc1738_unescape(variables[num_variables].value);
+                       plus_to_space_unescape(variables[num_variables].name);
                         rfc1738_unescape(variables[num_variables].name);
  
  #ifdef DEBUG_COMMENTS
author	Andrew Bartlett <abartlet@samba.org>
	Thu, 25 Dec 2003 09:37:41 +0000 (09:37 +0000)
committer	Andrew Bartlett <abartlet@samba.org>
	Thu, 25 Dec 2003 09:37:41 +0000 (09:37 +0000)
source/lib/util_str.c		patch \| blob \| history
source/web/cgi.c		patch \| blob \| history