version 4.5, 2019/11/09 09:24:13 |
version 4.11, 2019/11/10 14:39:55 |
Line 113 use constant HAS_EDIFF => eval { require String::Ed |
|
Line 113 use constant HAS_EDIFF => eval { require String::Ed |
|
|
|
BEGIN |
BEGIN |
{ |
{ |
$VERSION = '3.0.6'; |
$VERSION = '3.1'; |
|
|
$HTML_DOCTYPE = |
$HTML_DOCTYPE = |
'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ' . |
'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ' . |
Line 358 if (defined($ENV{QUERY_STRING})) { |
|
Line 358 if (defined($ENV{QUERY_STRING})) { |
|
$p =~ y/+/ /; |
$p =~ y/+/ /; |
my ($key, $val) = split(/=/, $p, 2); |
my ($key, $val) = split(/=/, $p, 2); |
next unless defined($key); |
next unless defined($key); |
$val = 1 unless defined($val); |
$key = uri_unescape($key); |
($key = uri_unescape($key)) =~ /[[:graph:]]/ or next; |
$key =~ /([^a-z_12-])/ and fatal('404 Not Found', |
($val = uri_unescape($val)) =~ /[[:graph:]]/ or next; |
'Invalid character "%s" in query parameter "%s"', $1, $key); |
|
if (defined $val) { |
|
$val = uri_unescape($val); |
|
$val =~ /([^a-zA-Z_01-9.\/-])/ and fatal('404 Not Found', |
|
'Invalid character "%s" in the value "%s" of the query parameter "%s"', |
|
$1, $value, $key); |
|
} else { |
|
$val = 1; |
|
} |
$query{$key} = $val; |
$query{$key} = $val; |
} |
} |
} |
} |
Line 757 if ($input{tarball}) { |
|
Line 765 if ($input{tarball}) { |
|
} |
} |
|
|
# Clean up. |
# Clean up. |
|
chdir(".."); |
rmtree($tmpexportdir); |
rmtree($tmpexportdir); |
|
|
&fatal(@fatal) if @fatal; |
&fatal(@fatal) if @fatal; |
Line 1540 sub htmlify($;$) |
|
Line 1549 sub htmlify($;$) |
|
}{ |
}{ |
my($text, $name, $section) = ($1, $2, defined($3) ? $3 : $4); |
my($text, $name, $section) = ($1, $2, defined($3) ? $3 : $4); |
($name =~ /[A-Za-z]/ && $name !~ /\.(:|$)/) |
($name =~ /[A-Za-z]/ && $name !~ /\.(:|$)/) |
? &link($text, sprintf($mancgi, $section, uri_escape($name))) |
? &link($text, sprintf($mancgi, uri_escape($name), $section)) |
: $text; |
: $text; |
}egx; |
}egx; |
} $_; |
} $_; |
Line 4194 sub htmlquote($) |
|
Line 4203 sub htmlquote($) |
|
# Special Characters; RFC 1866 |
# Special Characters; RFC 1866 |
s/&/&/g; |
s/&/&/g; |
s/\"/"/g; |
s/\"/"/g; |
|
s/"/"/g; |
s/</</g; |
s/</</g; |
s/>/>/g; |
s/>/>/g; |
return $_; |
return $_; |
Line 4233 sub http_header(;$$) |
|
Line 4243 sub http_header(;$$) |
|
push(@headers, 'Last-Modified: ' . scalar gmtime($moddate) . ' GMT') |
push(@headers, 'Last-Modified: ' . scalar gmtime($moddate) . ' GMT') |
if $moddate; |
if $moddate; |
push(@headers, 'Content-Type: ' . $content_type); |
push(@headers, 'Content-Type: ' . $content_type); |
|
push(@headers, "Content-Security-Policy: default-src 'none'; " . |
|
"img-src 'self'; style-src 'unsafe-inline'"); |
|
|
if ($allow_compress && $maycompress) { |
if ($allow_compress && $maycompress) { |
if (HAS_ZLIB |
if (HAS_ZLIB |