Lines 36-41
Link Here
|
36 |
#include "jk_connect.h" |
36 |
#include "jk_connect.h" |
37 |
#include "jk_uri_worker_map.h" |
37 |
#include "jk_uri_worker_map.h" |
38 |
|
38 |
|
|
|
39 |
#include "apr.h" |
40 |
|
39 |
#define HUGE_BUFFER_SIZE (8*1024) |
41 |
#define HUGE_BUFFER_SIZE (8*1024) |
40 |
|
42 |
|
41 |
/** |
43 |
/** |
Lines 1200-1205
Link Here
|
1200 |
jk_putv(s, "\">", text, "</a>", NULL); |
1202 |
jk_putv(s, "\">", text, "</a>", NULL); |
1201 |
} |
1203 |
} |
1202 |
|
1204 |
|
|
|
1205 |
/* |
1206 |
Only include the function definitions for x2c and jk_unescape_url |
1207 |
if using APR < 1.5. Otherwise, just pass-through jk_unescape_url |
1208 |
to apr_unescape_url. |
1209 |
*/ |
1210 |
#ifndef APR_ESCAPE_STRING |
1211 |
static char x2c(const char *what) |
1212 |
{ |
1213 |
register char digit; |
1214 |
|
1215 |
#if !APR_CHARSET_EBCDIC |
1216 |
digit = |
1217 |
((what[0] >= 'A') ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0')); |
1218 |
digit *= 16; |
1219 |
digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10 : (what[1] - '0')); |
1220 |
#else /*APR_CHARSET_EBCDIC*/ |
1221 |
char xstr[5]; |
1222 |
xstr[0]='0'; |
1223 |
xstr[1]='x'; |
1224 |
xstr[2]=what[0]; |
1225 |
xstr[3]=what[1]; |
1226 |
xstr[4]='\0'; |
1227 |
digit = convert_a2e[0xFF & strtol(xstr, NULL, 16)]; |
1228 |
#endif /*APR_CHARSET_EBCDIC*/ |
1229 |
return (digit); |
1230 |
} |
1231 |
|
1232 |
static int jk_unescape_url(char *const escaped, |
1233 |
const char *const url, |
1234 |
size_t slen, |
1235 |
const char *const forbid, |
1236 |
const char *const reserved, |
1237 |
const int plus, |
1238 |
size_t *len) |
1239 |
{ |
1240 |
apr_size_t size = 1; |
1241 |
int found = 0; |
1242 |
const char *s = (const char *) url; |
1243 |
char *d = (char *) escaped; |
1244 |
register int badesc, badpath; |
1245 |
|
1246 |
if (!url) { |
1247 |
return APR_NOTFOUND; |
1248 |
} |
1249 |
|
1250 |
badesc = 0; |
1251 |
badpath = 0; |
1252 |
if (s) { |
1253 |
if (d) { |
1254 |
for (; *s && slen; ++s, d++, slen--) { |
1255 |
if (plus && *s == '+') { |
1256 |
*d = ' '; |
1257 |
found = 1; |
1258 |
} |
1259 |
else if (*s != '%') { |
1260 |
*d = *s; |
1261 |
} |
1262 |
else { |
1263 |
if (!apr_isxdigit(*(s + 1)) || !apr_isxdigit(*(s + 2))) { |
1264 |
badesc = 1; |
1265 |
*d = '%'; |
1266 |
} |
1267 |
else { |
1268 |
char decoded; |
1269 |
decoded = x2c(s + 1); |
1270 |
if ((decoded == '\0') |
1271 |
|| (forbid && strchr(forbid, decoded))) { |
1272 |
badpath = 1; |
1273 |
*d = decoded; |
1274 |
s += 2; |
1275 |
slen -= 2; |
1276 |
} |
1277 |
else if (reserved && strchr(reserved, decoded)) { |
1278 |
*d++ = *s++; |
1279 |
*d++ = *s++; |
1280 |
*d = *s; |
1281 |
size += 2; |
1282 |
} |
1283 |
else { |
1284 |
*d = decoded; |
1285 |
s += 2; |
1286 |
slen -= 2; |
1287 |
found = 1; |
1288 |
} |
1289 |
} |
1290 |
} |
1291 |
size++; |
1292 |
} |
1293 |
*d = '\0'; |
1294 |
} |
1295 |
else { |
1296 |
for (; *s && slen; ++s, slen--) { |
1297 |
if (plus && *s == '+') { |
1298 |
found = 1; |
1299 |
} |
1300 |
else if (*s != '%') { |
1301 |
/* character unchanged */ |
1302 |
} |
1303 |
else { |
1304 |
if (!apr_isxdigit(*(s + 1)) || !apr_isxdigit(*(s + 2))) { |
1305 |
badesc = 1; |
1306 |
} |
1307 |
else { |
1308 |
char decoded; |
1309 |
decoded = x2c(s + 1); |
1310 |
if ((decoded == '\0') |
1311 |
|| (forbid && strchr(forbid, decoded))) { |
1312 |
badpath = 1; |
1313 |
s += 2; |
1314 |
slen -= 2; |
1315 |
} |
1316 |
else if (reserved && strchr(reserved, decoded)) { |
1317 |
s += 2; |
1318 |
slen -= 2; |
1319 |
size += 2; |
1320 |
} |
1321 |
else { |
1322 |
s += 2; |
1323 |
slen -= 2; |
1324 |
found = 1; |
1325 |
} |
1326 |
} |
1327 |
} |
1328 |
size++; |
1329 |
} |
1330 |
} |
1331 |
} |
1332 |
|
1333 |
if (len) { |
1334 |
*len = size; |
1335 |
} |
1336 |
if (badesc) { |
1337 |
return APR_EINVAL; |
1338 |
} |
1339 |
else if (badpath) { |
1340 |
return APR_BADCH; |
1341 |
} |
1342 |
else if (!found) { |
1343 |
return APR_NOTFOUND; |
1344 |
} |
1345 |
|
1346 |
return APR_SUCCESS; |
1347 |
} |
1348 |
#else |
1349 |
static int jk_unescape_url(char *const escaped, |
1350 |
const char *const url, |
1351 |
size_t slen, |
1352 |
const char *const forbid, |
1353 |
const char *const reserved, |
1354 |
const int plus, |
1355 |
size_t *len) |
1356 |
{ |
1357 |
return apr_unescape_url(escaped, url, slen, forbid, reserved, plus, len); |
1358 |
} |
1359 |
#endif |
1360 |
|
1203 |
static int status_parse_uri(jk_ws_service_t *s, |
1361 |
static int status_parse_uri(jk_ws_service_t *s, |
1204 |
status_endpoint_t *p, |
1362 |
status_endpoint_t *p, |
1205 |
jk_logger_t *l) |
1363 |
jk_logger_t *l) |
Lines 1263-1268
Link Here
|
1263 |
#endif |
1421 |
#endif |
1264 |
char *key = jk_pool_strdup(s->pool, param); |
1422 |
char *key = jk_pool_strdup(s->pool, param); |
1265 |
char *value; |
1423 |
char *value; |
|
|
1424 |
char *decoded; |
1266 |
if (!key) { |
1425 |
if (!key) { |
1267 |
jk_log(l, JK_LOG_ERROR, |
1426 |
jk_log(l, JK_LOG_ERROR, |
1268 |
"Status worker '%s' could not copy string", |
1427 |
"Status worker '%s' could not copy string", |
Lines 1274-1280
Link Here
|
1274 |
if (value) { |
1433 |
if (value) { |
1275 |
*value = '\0'; |
1434 |
*value = '\0'; |
1276 |
value++; |
1435 |
value++; |
1277 |
/* XXX Depending on the params values, we might need to trim and decode */ |
1436 |
|
|
|
1437 |
/* url-decode the parameter value */ |
1438 |
decoded = (char*)malloc(strlen(value) * (sizeof(char))); |
1439 |
jk_unescape_url(decoded, value, strlen(value), NULL, NULL, 1, NULL); |
1440 |
value = decoded; |
1441 |
|
1278 |
if (strlen(key)) { |
1442 |
if (strlen(key)) { |
1279 |
if (JK_IS_DEBUG_LEVEL(l)) |
1443 |
if (JK_IS_DEBUG_LEVEL(l)) |
1280 |
jk_log(l, JK_LOG_DEBUG, |
1444 |
jk_log(l, JK_LOG_DEBUG, |