You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rj...@apache.org on 2013/02/18 17:52:22 UTC
svn commit: r1447390 - in /httpd/httpd/branches/2.2.x: ./
modules/generators/ modules/ldap/ modules/mappers/ modules/proxy/
Author: rjung
Date: Mon Feb 18 16:52:21 2013
New Revision: 1447390
URL: http://svn.apache.org/r1447390
Log:
- various mods: host and URI escaping:
Be sure to escape potential troubled strings,
add missing html escaping
- const fixes for mod_imagemap
Submitted by: jim, sf, covener
Backported by: rjung
Reviewed by: rpluem, wrowe
Backport of r1413732, r1418752, r1416889, r1422234 and r1422253
from trunk resp. r1418941 and r1425750 from 2.4.x.
Modified:
httpd/httpd/branches/2.2.x/ (props changed)
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/generators/mod_info.c
httpd/httpd/branches/2.2.x/modules/generators/mod_status.c
httpd/httpd/branches/2.2.x/modules/ldap/util_ldap_cache_mgr.c
httpd/httpd/branches/2.2.x/modules/mappers/mod_imagemap.c
httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c
httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c
Propchange: httpd/httpd/branches/2.2.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1413732,1416889,1418752,1422234,1422253
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1447390&r1=1447389&r2=1447390&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Mon Feb 18 16:52:21 2013
@@ -1,6 +1,10 @@
-*- coding: utf-8 -*-
Changes with Apache 2.2.24
+ *) mod_status, mod_info, mod_proxy_ftp, mod_proxy_balancer, mod_imagemap,
+ mod_ldap: Improve escaping of hostname and URIs HTML output.
+ [Jim Jagielski, Stefan Fritsch]
+
*) mod_ssl: Send the error message for speaking http to an https port using
HTTP/1.0 instead of HTTP/0.9, and omit the link that may be wrong when
using SNI. PR 50823. [Stefan Fritsch]
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1447390&r1=1447389&r2=1447390&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Mon Feb 18 16:52:21 2013
@@ -94,18 +94,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * various mods: host and URI escaping. Includes needed constification
- fix for mod_imagemap.
- trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1413732
- http://svn.apache.org/viewvc?view=revision&revision=1418752
- http://svn.apache.org/viewvc?view=revision&revision=1416889
- http://svn.apache.org/viewvc?view=revision&revision=1422234
- http://svn.apache.org/viewvc?view=revision&revision=1422253
- 2.4.x patch: http://svn.apache.org/viewvc?view=revision&revision=1418941
- http://svn.apache.org/viewvc?view=revision&revision=1425750
- 2.2.x patch: http://people.apache.org/~rjung/patches/host-and-uri-escaping-2_2.patch
- +1: rjung, rpluem, wrowe
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
Modified: httpd/httpd/branches/2.2.x/modules/generators/mod_info.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/generators/mod_info.c?rev=1447390&r1=1447389&r2=1447390&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/generators/mod_info.c (original)
+++ httpd/httpd/branches/2.2.x/modules/generators/mod_info.c Mon Feb 18 16:52:21 2013
@@ -371,7 +371,8 @@ static int show_server_settings(request_
MODULE_MAGIC_NUMBER_MINOR);
ap_rprintf(r,
"<dt><strong>Hostname/port:</strong> "
- "<tt>%s:%u</tt></dt>\n", ap_get_server_name(r),
+ "<tt>%s:%u</tt></dt>\n",
+ ap_escape_html(r->pool, ap_get_server_name(r)),
ap_get_server_port(r));
ap_rprintf(r,
"<dt><strong>Timeouts:</strong> "
Modified: httpd/httpd/branches/2.2.x/modules/generators/mod_status.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/generators/mod_status.c?rev=1447390&r1=1447389&r2=1447390&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/generators/mod_status.c (original)
+++ httpd/httpd/branches/2.2.x/modules/generators/mod_status.c Mon Feb 18 16:52:21 2013
@@ -409,7 +409,8 @@ static int status_handler(request_rec *r
"<html><head>\n<title>Apache Status</title>\n</head><body>\n",
r);
ap_rputs("<h1>Apache Server Status for ", r);
- ap_rvputs(r, ap_get_server_name(r), "</h1>\n\n", NULL);
+ ap_rvputs(r, ap_escape_html(r->pool, ap_get_server_name(r)),
+ "</h1>\n\n", NULL);
ap_rvputs(r, "<dl><dt>Server Version: ",
ap_get_server_description(), "</dt>\n", NULL);
ap_rvputs(r, "<dt>Server Built: ",
Modified: httpd/httpd/branches/2.2.x/modules/ldap/util_ldap_cache_mgr.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/ldap/util_ldap_cache_mgr.c?rev=1447390&r1=1447389&r2=1447390&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/ldap/util_ldap_cache_mgr.c (original)
+++ httpd/httpd/branches/2.2.x/modules/ldap/util_ldap_cache_mgr.c Mon Feb 18 16:52:21 2013
@@ -541,7 +541,7 @@ char *util_ald_cache_display_stats(reque
if (id) {
buf2 = apr_psprintf(p,
"<a href=\"%s?%s\">%s</a>",
- r->uri,
+ ap_escape_html(r->pool, ap_escape_uri(r->pool, r->uri)),
id,
name);
}
Modified: httpd/httpd/branches/2.2.x/modules/mappers/mod_imagemap.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/mappers/mod_imagemap.c?rev=1447390&r1=1447389&r2=1447390&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/mappers/mod_imagemap.c (original)
+++ httpd/httpd/branches/2.2.x/modules/mappers/mod_imagemap.c Mon Feb 18 16:52:21 2013
@@ -320,7 +320,7 @@ static void read_quoted(char **string, c
/*
* returns the mapped URL or NULL.
*/
-static char *imap_url(request_rec *r, const char *base, const char *value)
+static const char *imap_url(request_rec *r, const char *base, const char *value)
{
/* translates a value into a URL. */
int slen, clen;
@@ -342,7 +342,7 @@ static char *imap_url(request_rec *r, co
if (!strcasecmp(value, "referer")) {
referer = apr_table_get(r->headers_in, "Referer");
if (referer && *referer) {
- return ap_escape_html(r->pool, referer);
+ return referer;
}
else {
/* XXX: This used to do *value = '\0'; ... which is totally bogus
@@ -459,7 +459,7 @@ static char *imap_url(request_rec *r, co
return my_base;
}
-static int imap_reply(request_rec *r, char *redirect)
+static int imap_reply(request_rec *r, const char *redirect)
{
if (!strcasecmp(redirect, "error")) {
/* they actually requested an error! */
@@ -523,42 +523,52 @@ static void menu_comment(request_rec *r,
'formatted' form */
}
-static void menu_default(request_rec *r, char *menu, char *href, char *text)
+static void menu_default(request_rec *r, const char *menu, const char *href, const char *text)
{
+ char *ehref, *etext;
if (!strcasecmp(href, "error") || !strcasecmp(href, "nocontent")) {
return; /* don't print such lines, these aren't
really href's */
}
+
+ ehref = ap_escape_uri(r->pool, href);
+ etext = ap_escape_html(r->pool, text);
+
if (!strcasecmp(menu, "formatted")) {
- ap_rvputs(r, "<pre>(Default) <a href=\"", href, "\">", text,
+ ap_rvputs(r, "<pre>(Default) <a href=\"", ehref, "\">", etext,
"</a></pre>\n", NULL);
}
if (!strcasecmp(menu, "semiformatted")) {
- ap_rvputs(r, "<pre>(Default) <a href=\"", href, "\">", text,
+ ap_rvputs(r, "<pre>(Default) <a href=\"", ehref, "\">", etext,
"</a></pre>\n", NULL);
}
if (!strcasecmp(menu, "unformatted")) {
- ap_rvputs(r, "<a href=\"", href, "\">", text, "</a>", NULL);
+ ap_rvputs(r, "<a href=\"", ehref, "\">", etext, "</a>", NULL);
}
return;
}
-static void menu_directive(request_rec *r, char *menu, char *href, char *text)
+static void menu_directive(request_rec *r, const char *menu, const char *href, const char *text)
{
+ char *ehref, *etext;
if (!strcasecmp(href, "error") || !strcasecmp(href, "nocontent")) {
return; /* don't print such lines, as this isn't
really an href */
}
+
+ ehref = ap_escape_uri(r->pool, href);
+ etext = ap_escape_html(r->pool, text);
+
if (!strcasecmp(menu, "formatted")) {
- ap_rvputs(r, "<pre> <a href=\"", href, "\">", text,
+ ap_rvputs(r, "<pre> <a href=\"", ehref, "\">", etext,
"</a></pre>\n", NULL);
}
if (!strcasecmp(menu, "semiformatted")) {
- ap_rvputs(r, "<pre> <a href=\"", href, "\">", text,
+ ap_rvputs(r, "<pre> <a href=\"", ehref, "\">", etext,
"</a></pre>\n", NULL);
}
if (!strcasecmp(menu, "unformatted")) {
- ap_rvputs(r, "<a href=\"", href, "\">", text, "</a>", NULL);
+ ap_rvputs(r, "<a href=\"", ehref, "\">", etext, "</a>", NULL);
}
return;
}
@@ -574,9 +584,9 @@ static int imap_handler_internal(request
char *directive;
char *value;
char *href_text;
- char *base;
- char *redirect;
- char *mapdflt;
+ const char *base;
+ const char *redirect;
+ const char *mapdflt;
char *closest = NULL;
double closest_yet = -1;
apr_status_t status;
Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c?rev=1447390&r1=1447389&r2=1447390&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_balancer.c Mon Feb 18 16:52:21 2013
@@ -829,7 +829,8 @@ static int balancer_handler(request_rec
ap_rputs(DOCTYPE_HTML_3_2
"<html><head><title>Balancer Manager</title></head>\n", r);
ap_rputs("<body><h1>Load Balancer Manager for ", r);
- ap_rvputs(r, ap_get_server_name(r), "</h1>\n\n", NULL);
+ ap_rvputs(r, ap_escape_html(r->pool, ap_get_server_name(r)),
+ "</h1>\n\n", NULL);
ap_rvputs(r, "<dl><dt>Server Version: ",
ap_get_server_description(), "</dt>\n", NULL);
ap_rvputs(r, "<dt>Server Built: ",
@@ -864,7 +865,8 @@ static int balancer_handler(request_rec
worker = (proxy_worker *)balancer->workers->elts;
for (n = 0; n < balancer->workers->nelts; n++) {
char fbuf[50];
- ap_rvputs(r, "<tr>\n<td><a href=\"", r->uri, "?b=",
+ ap_rvputs(r, "<tr>\n<td><a href=\"",
+ ap_escape_uri(r->pool, r->uri), "?b=",
balancer->name + sizeof("balancer://") - 1, "&w=",
ap_escape_uri(r->pool, worker->name),
"&nonce=", balancer_nonce,
@@ -905,7 +907,7 @@ static int balancer_handler(request_rec
ap_rputs("<h3>Edit worker settings for ", r);
ap_rvputs(r, wsel->name, "</h3>\n", NULL);
ap_rvputs(r, "<form method=\"GET\" action=\"", NULL);
- ap_rvputs(r, r->uri, "\">\n<dl>", NULL);
+ ap_rvputs(r, ap_escape_uri(r->pool, r->uri), "\">\n<dl>", NULL);
ap_rputs("<table><tr><td>Load factor:</td><td><input name=\"lf\" type=text ", r);
ap_rprintf(r, "value=\"%d\"></td></tr>\n", wsel->s->lbfactor);
ap_rputs("<tr><td>LB Set:</td><td><input name=\"ls\" type=text ", r);
Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c?rev=1447390&r1=1447389&r2=1447390&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ftp.c Mon Feb 18 16:52:21 2013
@@ -365,7 +365,9 @@ static apr_status_t proxy_send_dir_filte
" </head>\n"
" <body>\n <h2>Directory of "
"<a href=\"/\">%s</a>/%s",
- site, basedir, escpath, site, basedir, escpath, site, str);
+ ap_escape_html(p, site), basedir, escpath,
+ ap_escape_uri(p, site), basedir, escpath,
+ ap_escape_uri(p, site), str);
APR_BRIGADE_INSERT_TAIL(out, apr_bucket_pool_create(str, strlen(str),
p, c->bucket_alloc));