blackbeard420/kore
1
0
Fork 0
mirror of https://github.com/jorisvink/kore synced 2025-03-09 12:39:01 -04:00
Code Issues Projects Releases Wiki Activity

Change http_argument_urldecode().

Browse Source 
Takes a new parameter now `qs`, if set to 1 it'll urldecode
according to how its always done it before.

If not set to 0 (for posts for example), the decoder will allow
\n and \r in addition to the other ones.
This commit is contained in:
Joris Vink 2023-03-12 23:33:47 +01:00
parent 21839aeaa2
commit 15071f5a14
3 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/kore/http.h
View File

@ -415,8 +415,8 @@ int http_state_exists(struct http_request *);
void http_state_cleanup(struct http_request *); void http_state_cleanup(struct http_request *);
void *http_state_create(struct http_request *, size_t); void *http_state_create(struct http_request *, size_t);
int http_argument_urldecode(char *);
int http_header_recv(struct netbuf *); int http_header_recv(struct netbuf *);
int http_argument_urldecode(char *, int);
void http_populate_qs(struct http_request *); void http_populate_qs(struct http_request *);
void http_populate_post(struct http_request *); void http_populate_post(struct http_request *);
void http_populate_multipart_form(struct http_request *); void http_populate_multipart_form(struct http_request *);

2
src/filemap.c
View File

@ -195,7 +195,7 @@ filemap_serve(struct http_request *req, const struct filemap_entry *map)
return; return;
} }
if (!http_argument_urldecode(fpath)) { if (!http_argument_urldecode(fpath, 1)) {
http_response(req, HTTP_STATUS_BAD_REQUEST, NULL, 0); http_response(req, HTTP_STATUS_BAD_REQUEST, NULL, 0);
return; return;
} }

16
src/http.c
View File

@ -1008,7 +1008,7 @@ http_argument_get(struct http_request *req, const char *name,
} }
int int
http_argument_urldecode(char *arg) http_argument_urldecode(char *arg, int url)
{ {
u_int8_t v; u_int8_t v;
int err; int err;
@ -1046,8 +1046,14 @@ http_argument_urldecode(char *arg)
if (err != KORE_RESULT_OK) if (err != KORE_RESULT_OK)
return (err); return (err);
if (v <= 0x1f || v == 0x7f) if (url) {
return (KORE_RESULT_ERROR); if (v <= 0x1f || v == 0x7f)
return (KORE_RESULT_ERROR);
} else {
if ((v <= 0x1f || v == 0x7f) &&
(v != '\n' && v != '\r'))
return (KORE_RESULT_ERROR);
}
*in++ = (char)v; *in++ = (char)v;
p += 3; p += 3;
@ -2284,7 +2290,7 @@ http_argument_add(struct http_request *req, char *name, char *value, int qs,
struct kore_route_params *p; struct kore_route_params *p;
if (decode) { if (decode) {
if (!http_argument_urldecode(name)) if (!http_argument_urldecode(name, qs))
return; return;
} }
@ -2301,7 +2307,7 @@ http_argument_add(struct http_request *req, char *name, char *value, int qs,
continue; continue;
if (decode) { if (decode) {
if (!http_argument_urldecode(value)) if (!http_argument_urldecode(value, qs))
return; return;
} }