version 4.2, 2019/11/09 09:10:05 |
version 4.11, 2019/11/10 14:39:55 |
|
|
#!/usr/bin/perl -T |
#!/usr/bin/perl |
# $Id$ |
# $Id$ |
# $knu: cvsweb.cgi,v 1.299 2010/11/13 16:37:18 simon |
# $knu: cvsweb.cgi,v 1.299 2010/11/13 16:37:18 simon |
# |
# |
|
|
require 5.006; |
require 5.006; |
|
|
use strict; |
use strict; |
|
|
use warnings; |
use warnings; |
use filetest qw(access); |
use filetest qw(access); |
|
|
|
|
); |
); |
|
|
use Cwd qw(abs_path); |
use Cwd qw(abs_path); |
use File::Basename qw(dirname); |
|
use File::Path qw(rmtree); |
use File::Path qw(rmtree); |
use File::Spec::Functions qw(canonpath catdir catfile curdir devnull rootdir |
use File::Spec::Functions qw(canonpath catdir catfile curdir devnull rootdir |
tmpdir updir); |
tmpdir updir); |
Line 115 use constant HAS_EDIFF => eval { require String::Ed |
|
Line 113 use constant HAS_EDIFF => eval { require String::Ed |
|
|
|
BEGIN |
BEGIN |
{ |
{ |
$VERSION = '3.0.6'; |
$VERSION = '3.1'; |
|
|
$HTML_DOCTYPE = |
$HTML_DOCTYPE = |
'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ' . |
'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ' . |
Line 204 sub checkout_to_temp($$$); |
|
Line 202 sub checkout_to_temp($$$); |
|
# (think mod_perl)... |
# (think mod_perl)... |
delete(@ENV{qw(PATH IFS CDPATH ENV BASH_ENV)}); |
delete(@ENV{qw(PATH IFS CDPATH ENV BASH_ENV)}); |
|
|
my ($mydir) = (dirname($0) =~ /(.*)/); # untaint |
# Location of the configuration file inside the web server chroot: |
|
$config = '/conf/cvsweb/cvsweb.conf'; |
|
|
##### Start of Configuration Area ######## |
|
|
|
# == EDIT this == |
|
# Locations to search for user configuration, in order: |
|
for (catfile($mydir, 'cvsweb.conf'), '/usr/local/etc/cvsweb/cvsweb.conf') { |
|
if (-r $_) { |
|
$config = $_; |
|
last; |
|
} |
|
} |
|
|
|
##### End of Configuration Area ######## |
|
|
|
undef $mydir; |
|
|
|
######## Configuration parameters ######### |
######## Configuration parameters ######### |
|
|
@CVSrepositories = @CVSROOT = %CVSROOT = %MIRRORS = %DEFAULTVALUE = %ICONS = |
@CVSrepositories = @CVSROOT = %CVSROOT = %MIRRORS = %DEFAULTVALUE = %ICONS = |
Line 374 if (defined($ENV{QUERY_STRING})) { |
|
Line 358 if (defined($ENV{QUERY_STRING})) { |
|
$p =~ y/+/ /; |
$p =~ y/+/ /; |
my ($key, $val) = split(/=/, $p, 2); |
my ($key, $val) = split(/=/, $p, 2); |
next unless defined($key); |
next unless defined($key); |
$val = 1 unless defined($val); |
$key = uri_unescape($key); |
($key = uri_unescape($key)) =~ /[[:graph:]]/ or next; |
$key =~ /([^a-z_12-])/ and fatal('404 Not Found', |
($val = uri_unescape($val)) =~ /[[:graph:]]/ or next; |
'Invalid character "%s" in query parameter "%s"', $1, $key); |
|
if (defined $val) { |
|
$val = uri_unescape($val); |
|
$val =~ /([^a-zA-Z_01-9.\/-])/ and fatal('404 Not Found', |
|
'Invalid character "%s" in the value "%s" of the query parameter "%s"', |
|
$1, $value, $key); |
|
} else { |
|
$val = 1; |
|
} |
$query{$key} = $val; |
$query{$key} = $val; |
} |
} |
} |
} |
Line 773 if ($input{tarball}) { |
|
Line 765 if ($input{tarball}) { |
|
} |
} |
|
|
# Clean up. |
# Clean up. |
|
chdir(".."); |
rmtree($tmpexportdir); |
rmtree($tmpexportdir); |
|
|
&fatal(@fatal) if @fatal; |
&fatal(@fatal) if @fatal; |
Line 1556 sub htmlify($;$) |
|
Line 1549 sub htmlify($;$) |
|
}{ |
}{ |
my($text, $name, $section) = ($1, $2, defined($3) ? $3 : $4); |
my($text, $name, $section) = ($1, $2, defined($3) ? $3 : $4); |
($name =~ /[A-Za-z]/ && $name !~ /\.(:|$)/) |
($name =~ /[A-Za-z]/ && $name !~ /\.(:|$)/) |
? &link($text, sprintf($mancgi, $section, uri_escape($name))) |
? &link($text, sprintf($mancgi, uri_escape($name), $section)) |
: $text; |
: $text; |
}egx; |
}egx; |
} $_; |
} $_; |
Line 2934 sub printLog($$$;$$) |
|
Line 2927 sub printLog($$$;$$) |
|
print "<br />\n"; |
print "<br />\n"; |
|
|
print '<i>'; |
print '<i>'; |
if (defined @mytz) { |
if (@mytz) { |
my ($est) = $mytz[(localtime($date{$_}))[8]]; |
my ($est) = $mytz[(localtime($date{$_}))[8]]; |
print scalar localtime($date{$_}), " $est</i> ("; |
print scalar localtime($date{$_}), " $est</i> ("; |
} else { |
} else { |
Line 4210 sub htmlquote($) |
|
Line 4203 sub htmlquote($) |
|
# Special Characters; RFC 1866 |
# Special Characters; RFC 1866 |
s/&/&/g; |
s/&/&/g; |
s/\"/"/g; |
s/\"/"/g; |
|
s/"/"/g; |
s/</</g; |
s/</</g; |
s/>/>/g; |
s/>/>/g; |
return $_; |
return $_; |
Line 4249 sub http_header(;$$) |
|
Line 4243 sub http_header(;$$) |
|
push(@headers, 'Last-Modified: ' . scalar gmtime($moddate) . ' GMT') |
push(@headers, 'Last-Modified: ' . scalar gmtime($moddate) . ' GMT') |
if $moddate; |
if $moddate; |
push(@headers, 'Content-Type: ' . $content_type); |
push(@headers, 'Content-Type: ' . $content_type); |
|
push(@headers, "Content-Security-Policy: default-src 'none'; " . |
|
"img-src 'self'; style-src 'unsafe-inline'"); |
|
|
if ($allow_compress && $maycompress) { |
if ($allow_compress && $maycompress) { |
if (HAS_ZLIB |
if (HAS_ZLIB |