|
Lines 36-41
Link Here
|
| 36 |
#include "jk_connect.h" |
36 |
#include "jk_connect.h" |
| 37 |
#include "jk_uri_worker_map.h" |
37 |
#include "jk_uri_worker_map.h" |
| 38 |
|
38 |
|
|
|
39 |
#include "apr.h" |
| 40 |
|
| 39 |
#define HUGE_BUFFER_SIZE (8*1024) |
41 |
#define HUGE_BUFFER_SIZE (8*1024) |
| 40 |
|
42 |
|
| 41 |
/** |
43 |
/** |
|
Lines 1200-1205
Link Here
|
| 1200 |
jk_putv(s, "\">", text, "</a>", NULL); |
1202 |
jk_putv(s, "\">", text, "</a>", NULL); |
| 1201 |
} |
1203 |
} |
| 1202 |
|
1204 |
|
|
|
1205 |
/* |
| 1206 |
Only include the function definitions for x2c and jk_unescape_url |
| 1207 |
if using APR < 1.5. Otherwise, just pass-through jk_unescape_url |
| 1208 |
to apr_unescape_url. |
| 1209 |
*/ |
| 1210 |
#ifndef APR_ESCAPE_STRING |
| 1211 |
static char x2c(const char *what) |
| 1212 |
{ |
| 1213 |
register char digit; |
| 1214 |
|
| 1215 |
#if !APR_CHARSET_EBCDIC |
| 1216 |
digit = |
| 1217 |
((what[0] >= 'A') ? ((what[0] & 0xdf) - 'A') + 10 : (what[0] - '0')); |
| 1218 |
digit *= 16; |
| 1219 |
digit += (what[1] >= 'A' ? ((what[1] & 0xdf) - 'A') + 10 : (what[1] - '0')); |
| 1220 |
#else /*APR_CHARSET_EBCDIC*/ |
| 1221 |
char xstr[5]; |
| 1222 |
xstr[0]='0'; |
| 1223 |
xstr[1]='x'; |
| 1224 |
xstr[2]=what[0]; |
| 1225 |
xstr[3]=what[1]; |
| 1226 |
xstr[4]='\0'; |
| 1227 |
digit = convert_a2e[0xFF & strtol(xstr, NULL, 16)]; |
| 1228 |
#endif /*APR_CHARSET_EBCDIC*/ |
| 1229 |
return (digit); |
| 1230 |
} |
| 1231 |
|
| 1232 |
static int jk_unescape_url(char *const escaped, |
| 1233 |
const char *const url, |
| 1234 |
size_t slen, |
| 1235 |
const char *const forbid, |
| 1236 |
const char *const reserved, |
| 1237 |
const int plus, |
| 1238 |
size_t *len) |
| 1239 |
{ |
| 1240 |
apr_size_t size = 1; |
| 1241 |
int found = 0; |
| 1242 |
const char *s = (const char *) url; |
| 1243 |
char *d = (char *) escaped; |
| 1244 |
register int badesc, badpath; |
| 1245 |
|
| 1246 |
if (!url) { |
| 1247 |
return APR_NOTFOUND; |
| 1248 |
} |
| 1249 |
|
| 1250 |
badesc = 0; |
| 1251 |
badpath = 0; |
| 1252 |
if (s) { |
| 1253 |
if (d) { |
| 1254 |
for (; *s && slen; ++s, d++, slen--) { |
| 1255 |
if (plus && *s == '+') { |
| 1256 |
*d = ' '; |
| 1257 |
found = 1; |
| 1258 |
} |
| 1259 |
else if (*s != '%') { |
| 1260 |
*d = *s; |
| 1261 |
} |
| 1262 |
else { |
| 1263 |
if (!apr_isxdigit(*(s + 1)) || !apr_isxdigit(*(s + 2))) { |
| 1264 |
badesc = 1; |
| 1265 |
*d = '%'; |
| 1266 |
} |
| 1267 |
else { |
| 1268 |
char decoded; |
| 1269 |
decoded = x2c(s + 1); |
| 1270 |
if ((decoded == '\0') |
| 1271 |
|| (forbid && strchr(forbid, decoded))) { |
| 1272 |
badpath = 1; |
| 1273 |
*d = decoded; |
| 1274 |
s += 2; |
| 1275 |
slen -= 2; |
| 1276 |
} |
| 1277 |
else if (reserved && strchr(reserved, decoded)) { |
| 1278 |
*d++ = *s++; |
| 1279 |
*d++ = *s++; |
| 1280 |
*d = *s; |
| 1281 |
size += 2; |
| 1282 |
} |
| 1283 |
else { |
| 1284 |
*d = decoded; |
| 1285 |
s += 2; |
| 1286 |
slen -= 2; |
| 1287 |
found = 1; |
| 1288 |
} |
| 1289 |
} |
| 1290 |
} |
| 1291 |
size++; |
| 1292 |
} |
| 1293 |
*d = '\0'; |
| 1294 |
} |
| 1295 |
else { |
| 1296 |
for (; *s && slen; ++s, slen--) { |
| 1297 |
if (plus && *s == '+') { |
| 1298 |
found = 1; |
| 1299 |
} |
| 1300 |
else if (*s != '%') { |
| 1301 |
/* character unchanged */ |
| 1302 |
} |
| 1303 |
else { |
| 1304 |
if (!apr_isxdigit(*(s + 1)) || !apr_isxdigit(*(s + 2))) { |
| 1305 |
badesc = 1; |
| 1306 |
} |
| 1307 |
else { |
| 1308 |
char decoded; |
| 1309 |
decoded = x2c(s + 1); |
| 1310 |
if ((decoded == '\0') |
| 1311 |
|| (forbid && strchr(forbid, decoded))) { |
| 1312 |
badpath = 1; |
| 1313 |
s += 2; |
| 1314 |
slen -= 2; |
| 1315 |
} |
| 1316 |
else if (reserved && strchr(reserved, decoded)) { |
| 1317 |
s += 2; |
| 1318 |
slen -= 2; |
| 1319 |
size += 2; |
| 1320 |
} |
| 1321 |
else { |
| 1322 |
s += 2; |
| 1323 |
slen -= 2; |
| 1324 |
found = 1; |
| 1325 |
} |
| 1326 |
} |
| 1327 |
} |
| 1328 |
size++; |
| 1329 |
} |
| 1330 |
} |
| 1331 |
} |
| 1332 |
|
| 1333 |
if (len) { |
| 1334 |
*len = size; |
| 1335 |
} |
| 1336 |
if (badesc) { |
| 1337 |
return APR_EINVAL; |
| 1338 |
} |
| 1339 |
else if (badpath) { |
| 1340 |
return APR_BADCH; |
| 1341 |
} |
| 1342 |
else if (!found) { |
| 1343 |
return APR_NOTFOUND; |
| 1344 |
} |
| 1345 |
|
| 1346 |
return APR_SUCCESS; |
| 1347 |
} |
| 1348 |
#else |
| 1349 |
static int jk_unescape_url(char *const escaped, |
| 1350 |
const char *const url, |
| 1351 |
size_t slen, |
| 1352 |
const char *const forbid, |
| 1353 |
const char *const reserved, |
| 1354 |
const int plus, |
| 1355 |
size_t *len) |
| 1356 |
{ |
| 1357 |
return apr_unescape_url(escaped, url, slen, forbid, reserved, plus, len); |
| 1358 |
} |
| 1359 |
#endif |
| 1360 |
|
| 1203 |
static int status_parse_uri(jk_ws_service_t *s, |
1361 |
static int status_parse_uri(jk_ws_service_t *s, |
| 1204 |
status_endpoint_t *p, |
1362 |
status_endpoint_t *p, |
| 1205 |
jk_logger_t *l) |
1363 |
jk_logger_t *l) |
|
Lines 1263-1268
Link Here
|
| 1263 |
#endif |
1421 |
#endif |
| 1264 |
char *key = jk_pool_strdup(s->pool, param); |
1422 |
char *key = jk_pool_strdup(s->pool, param); |
| 1265 |
char *value; |
1423 |
char *value; |
|
|
1424 |
char *decoded; |
| 1266 |
if (!key) { |
1425 |
if (!key) { |
| 1267 |
jk_log(l, JK_LOG_ERROR, |
1426 |
jk_log(l, JK_LOG_ERROR, |
| 1268 |
"Status worker '%s' could not copy string", |
1427 |
"Status worker '%s' could not copy string", |
|
Lines 1274-1280
Link Here
|
| 1274 |
if (value) { |
1433 |
if (value) { |
| 1275 |
*value = '\0'; |
1434 |
*value = '\0'; |
| 1276 |
value++; |
1435 |
value++; |
| 1277 |
/* XXX Depending on the params values, we might need to trim and decode */ |
1436 |
|
|
|
1437 |
/* url-decode the parameter value */ |
| 1438 |
decoded = (char*)malloc(strlen(value) * (sizeof(char))); |
| 1439 |
jk_unescape_url(decoded, value, strlen(value), NULL, NULL, 1, NULL); |
| 1440 |
value = decoded; |
| 1441 |
|
| 1278 |
if (strlen(key)) { |
1442 |
if (strlen(key)) { |
| 1279 |
if (JK_IS_DEBUG_LEVEL(l)) |
1443 |
if (JK_IS_DEBUG_LEVEL(l)) |
| 1280 |
jk_log(l, JK_LOG_DEBUG, |
1444 |
jk_log(l, JK_LOG_DEBUG, |