Fossil

Check-in [05e3fa76]
Login

Check-in [05e3fa76]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Rename variable g.zUrlSuffix to g.zRelReqURI (Relative Request URI). Provide it to TH1 interpreter as $relrequri.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | base-href-fix
Files: files | file ages | folders
SHA3-256: 05e3fa76bee4003b8a10d90e6d3861f221f7391828e75493587bfea9ee3a91bc
User & Date: george 2022-02-13 17:54:07
Original Comment: Rename variable g.zUrlSuffix to g.zRelReqURI (Relative Request URI). Provide it to TH1 interpreter as .
Context
2022-02-14
22:43
Make style_set_base_href_suffix() safe for misuse: if the resulting suffix contains unescaped quotes then escape them. $base_href_suffix is intended for interpolation inside of the quoted href attribute. This check-in should address the case when a user of malfunctioning browser (which mishandles quoting) is tricked by an adversary to visit a specially crafted hyperlink. ... (check-in: d97752f3 user: george tags: base-href-fix)
2022-02-13
17:54
Rename variable g.zUrlSuffix to g.zRelReqURI (Relative Request URI). Provide it to TH1 interpreter as $relrequri. ... (check-in: 05e3fa76 user: george tags: base-href-fix)
16:00
Fix hyperlinks on the /winfo page. These were broken when a page was rendered through /info/HASH of /winfo/HASH aliases. ... (check-in: 5ce372ce user: george tags: base-href-fix)
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/main.c. 

177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192

  char *zSshCmd;          /* SSH command string */
  const char *zHttpCmd;   /* External program to do HTTP requests */
  int fNoSync;            /* Do not do an autosync ever.  --nosync */
  int fIPv4;              /* Use only IPv4, not IPv6. --ipv4 */
  char *zPath;            /* Name of webpage being served */
  char *zExtra;           /* Extra path information past the webpage name */
  char *zBaseURL;         /* Full URL for the toplevel of the fossil tree */
  const char *zUrlSuffix; /* Suffix of the URL including query string
     zBaseUrl/zUrlSuffix  == Full text of the URL being served */
  char *zHttpsURL;        /* zBaseURL translated to https: */
  char *zTop;             /* Parent directory of zPath */
  int nExtraURL;          /* Extra bytes added to SCRIPT_NAME */
  const char *zExtRoot;   /* Document root for the /ext sub-website */
  const char *zContentType;  /* The content type of the input HTTP request */
  int iErrPriority;       /* Priority of current error message */
  char *zErrMsg;          /* Text of an error message */








|
|








177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192

  char *zSshCmd;          /* SSH command string */
  const char *zHttpCmd;   /* External program to do HTTP requests */
  int fNoSync;            /* Do not do an autosync ever.  --nosync */
  int fIPv4;              /* Use only IPv4, not IPv6. --ipv4 */
  char *zPath;            /* Name of webpage being served */
  char *zExtra;           /* Extra path information past the webpage name */
  char *zBaseURL;         /* Full URL for the toplevel of the fossil tree */
  const char *zRelReqURI; /* Relative Request URI (includes QUERY_STRING)
     zBaseUrl/zRelReqURI  == Full text of the URL being served */
  char *zHttpsURL;        /* zBaseURL translated to https: */
  char *zTop;             /* Parent directory of zPath */
  int nExtraURL;          /* Extra bytes added to SCRIPT_NAME */
  const char *zExtRoot;   /* Document root for the /ext sub-website */
  const char *zContentType;  /* The content type of the input HTTP request */
  int iErrPriority;       /* Priority of current error message */
  char *zErrMsg;          /* Text of an error message */

1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431

      g.zHttpsURL = mprintf("https://%s%.*s", z, i, zCur);
    }
    fossil_free(z);
  }

  zRU  = PD("REQUEST_URI","");
  nTop = strlen( g.zTop );
  g.zUrlSuffix = strncmp(zRU,g.zTop,nTop) ? "" : zRU+nTop;
  if(g.zUrlSuffix[0]=='/') g.zUrlSuffix++;
  g.zUrlSuffix = fossil_strdup( g.zUrlSuffix );

  /* Try to record the base URL as a CONFIG table entry with a name
  ** of the form:  "baseurl:BASE".  This keeps a record of how the
  ** the repository is used as a server, to help in answering questions
  ** like "where is the CGI script that references this repository?"
  **
  ** This is just a logging hint.  So don't worry if it cannot be done.








|
|
|








1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431

      g.zHttpsURL = mprintf("https://%s%.*s", z, i, zCur);
    }
    fossil_free(z);
  }

  zRU  = PD("REQUEST_URI","");
  nTop = strlen( g.zTop );
  g.zRelReqURI = strncmp(zRU,g.zTop,nTop) ? "" : zRU+nTop;
  if(g.zRelReqURI[0]=='/') g.zRelReqURI++;
  g.zRelReqURI = fossil_strdup( g.zRelReqURI );

  /* Try to record the base URL as a CONFIG table entry with a name
  ** of the form:  "baseurl:BASE".  This keeps a record of how the
  ** the repository is used as a server, to help in answering questions
  ** like "where is the CGI script that references this repository?"
  **
  ** This is just a logging hint.  So don't worry if it cannot be done.

Changes to src/style.c. 

404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423

    va_start(ap, zFormat);
    local_zCurrentPage = vmprintf(zFormat, ap);
    va_end(ap);
  }
}

/* Use this for the $base_href_suffix variable if it is not NULL.
** If it is NULL then use g.zUrlSuffix
*/
static char *local_zBaseHrefSuffix = 0;

/*
** Set the desired $base_href_suffix to something other than g.zUrlSuffix
*/
void style_set_base_href_suffix(const char *zFormat, ...){
  fossil_free(local_zBaseHrefSuffix);
  if( zFormat==0 ){
    local_zBaseHrefSuffix = 0;
  }else{
    va_list ap;








|




|








404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423

    va_start(ap, zFormat);
    local_zCurrentPage = vmprintf(zFormat, ap);
    va_end(ap);
  }
}

/* Use this for the $base_href_suffix variable if it is not NULL.
** If it is NULL then use g.zRelReqURI
*/
static char *local_zBaseHrefSuffix = 0;

/*
** Set the desired $base_href_suffix to something other than g.zRelReqURI
*/
void style_set_base_href_suffix(const char *zFormat, ...){
  fossil_free(local_zBaseHrefSuffix);
  if( zFormat==0 ){
    local_zBaseHrefSuffix = 0;
  }else{
    va_list ap;

788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806

  Th_Store("baseurl", g.zBaseURL);
  Th_Store("secureurl", fossil_wants_https(1)? g.zHttpsURL: g.zBaseURL);
  Th_Store("home", g.zTop);
  Th_Store("index_page", db_get("index-page","/home"));
  if( local_zCurrentPage==0 ) style_set_current_page("%T", g.zPath);
  Th_Store("current_page", local_zCurrentPage);
  if( local_zBaseHrefSuffix==0 ){
    style_set_base_href_suffix("%s",g.zUrlSuffix);
    /* %s because g.zUrlSuffix is already encoded (FIXME: really so?) */
  }
  Th_Store("base_href_suffix", local_zBaseHrefSuffix);
  Th_Store("requested_url_suffix", g.zUrlSuffix);
  Th_Store("csrf_token", g.zCsrfToken);
  Th_Store("release_version", RELEASE_VERSION);
  Th_Store("manifest_version", MANIFEST_VERSION);
  Th_Store("manifest_date", MANIFEST_DATE);
  Th_Store("compiler_name", COMPILER_NAME);
  Th_Store("mainmenu", style_get_mainmenu());
  stylesheet_url_var();








|
|


|








788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806

  Th_Store("baseurl", g.zBaseURL);
  Th_Store("secureurl", fossil_wants_https(1)? g.zHttpsURL: g.zBaseURL);
  Th_Store("home", g.zTop);
  Th_Store("index_page", db_get("index-page","/home"));
  if( local_zCurrentPage==0 ) style_set_current_page("%T", g.zPath);
  Th_Store("current_page", local_zCurrentPage);
  if( local_zBaseHrefSuffix==0 ){
    style_set_base_href_suffix("%s",g.zRelReqURI);
    /* %s because g.zRelReqURI is already encoded (FIXME: really so?) */
  }
  Th_Store("base_href_suffix", local_zBaseHrefSuffix);
  Th_Store("relrequri", g.zRelReqURI);
  Th_Store("csrf_token", g.zCsrfToken);
  Th_Store("release_version", RELEASE_VERSION);
  Th_Store("manifest_version", MANIFEST_VERSION);
  Th_Store("manifest_date", MANIFEST_DATE);
  Th_Store("compiler_name", COMPILER_NAME);
  Th_Store("mainmenu", style_get_mainmenu());
  stylesheet_url_var();

1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421


  if( isAuth ){
  #if !defined(_WIN32)
    @ uid=%d(getuid()), gid=%d(getgid())<br />
  #endif
    @ g.zBaseURL = %h(g.zBaseURL)<br />
    @ g.zHttpsURL = %h(g.zHttpsURL)<br />
    @ g.zUrlSuffix = %h(g.zUrlSuffix)<br />
    @ g.zTop = %h(g.zTop)<br />
    @ g.zPath = %h(g.zPath)<br />
    @ g.userUid = %d(g.userUid)<br />
    @ g.zLogin = %h(g.zLogin)<br />
    @ g.isHuman = %d(g.isHuman)<br />
    @ g.javascriptHyperlink = %d(g.javascriptHyperlink)<br />
    if( g.nRequest ){








|








1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421


  if( isAuth ){
  #if !defined(_WIN32)
    @ uid=%d(getuid()), gid=%d(getgid())<br />
  #endif
    @ g.zBaseURL = %h(g.zBaseURL)<br />
    @ g.zHttpsURL = %h(g.zHttpsURL)<br />
    @ g.zRelReqURI = %h(g.zRelReqURI)<br />
    @ g.zTop = %h(g.zTop)<br />
    @ g.zPath = %h(g.zPath)<br />
    @ g.userUid = %d(g.userUid)<br />
    @ g.zLogin = %h(g.zLogin)<br />
    @ g.isHuman = %d(g.isHuman)<br />
    @ g.javascriptHyperlink = %d(g.javascriptHyperlink)<br />
    if( g.nRequest ){