ref: 18cacffe3aa32b2915ca662be1bd230a534d44dd
parent: 7bcdcf129eb30a187f2d6018151d4aa9cd3b680e
author: sl <uriel@engel.se.cat-v.org>
date: Tue Mar 3 08:15:46 EST 2009
Further cleanup and simplification of redirect code.
--- a/bin/cgilib.rc
+++ b/bin/cgilib.rc
@@ -6,7 +6,7 @@
fn escape_html { sed 's/&/\&/g; s/</\</g; s/>/\>/g' $* } fn http_redirect {- if(~ $1 http:* https:*)
+ if(~ $1 http://* https://*)
t=$1
if not if(~ $1 /*)
t=$"base_url^$1
--- a/bin/werc.rc
+++ b/bin/werc.rc
@@ -40,6 +40,7 @@
# Note: $REQUEST_URI is not officially in CGI 1.1, but seems to be de-facto
req_path=`{echo -n $REQUEST_URI | sed 's/\?.*//; s!//+!/!g; s/'^$forbidden_uri_chars^'//g; s/\.\.*/./g; 1q'}+ req_url=$base_url^$req_path
local_path=$sitedir$req_path
ifs='/' { args=`{echo -n $req_path} }@@ -85,18 +86,19 @@
if(~ $#perm_redir_to 1)
perm_redirect $perm_redir_to
- f=();t=()
+ p=();
for(i in $perm_redir_patterns) {- if(~ $#f 0)
- f=$i
+ if(~ $#p 0)
+ p=$i
if not {- t=$i
- # TODO: should handle absolute and relative urls differently.
- from=$base_url^$req_path
- to=`{ echo $from | sed 's!'$f'!'$t'!' }- if(! ~ $to $from)
- perm_redirect $to
- f=()
+ # If target is absolute, require patern matches whole string
+ if(~ $i http://* https://)
+ p='^'$p
+ t=`{ echo $req_path | sed 's!'$p'!'$i'!' }+
+ if(! ~ $"t '' && ! ~ $t $req_path)
+ perm_redirect $t
+ p=()
}
}
--- a/bin/wercconf.rc
+++ b/bin/wercconf.rc
@@ -2,15 +2,13 @@
fn conf_perm_redirect {if(~ $#* 1)
perm_redir_to=$1
- if not {+ if not
perm_redir_patterns=($perm_redir_patterns $1 $2)
- conf_hide_paths $1 # XXX Will hide paths even if replacement string is the same as matched sctring.
- }
}
fn conf_hide_paths {for(i in $*)
- dirfilter=$dirfilter^'/'^`{echo $sitedir'/'$i|sed 's!/+!\\/!g'}^'/d; '+ dirfilter=$dirfilter^'/'^`{echo $sitedir$conf_wd$i|sed 's!/+!\\/!g'}^'/d; '}
# Usually will be called from within conf_enable_foo