===================================================================
RCS file: /cvs/cvsweb/cvsweb.cgi,v
retrieving revision 4.1
retrieving revision 4.16
diff -u -p -r4.1 -r4.16
--- cvsweb/cvsweb.cgi 2019/11/08 21:08:26 4.1
+++ cvsweb/cvsweb.cgi 2019/11/11 13:15:09 4.16
@@ -1,5 +1,5 @@
-#!/usr/bin/perl -T
-# $Id: cvsweb.cgi,v 4.1 2019/11/08 21:08:26 schwarze Exp $
+#!/usr/bin/perl
+# $Id: cvsweb.cgi,v 4.16 2019/11/11 13:15:09 schwarze Exp $
# $knu: cvsweb.cgi,v 1.299 2010/11/13 16:37:18 simon
#
# cvsweb - a CGI interface to CVS trees.
@@ -50,7 +50,6 @@
require 5.006;
use strict;
-
use warnings;
use filetest qw(access);
@@ -65,7 +64,7 @@ use vars qw (
@revisions %state %difflines %log %branchpoint @revorder $keywordsubstitution
$prcgi @prcategories $re_prcategories $prkeyword $re_prkeyword $mancgi
$doCheckout $scriptname $scriptwhere
- $where $Browser $nofilelinks $maycompress @stickyvars %funcline_regexp
+ $where $Browser $nofilelinks $maycompress @stickyvars
$is_links $is_lynx $is_w3m $is_msie $is_mozilla3 $is_textbased
%input $query $barequery $sortby $bydate $byrev $byauthor
$bylog $byfile $defaultDiffType $logsort $cvstree $cvsroot
@@ -87,8 +86,8 @@ use vars qw (
$allow_enscript @enscript_options %enscript_types
);
+require Compress::Zlib;
use Cwd qw(abs_path);
-use File::Basename qw(dirname);
use File::Path qw(rmtree);
use File::Spec::Functions qw(canonpath catdir catfile curdir devnull rootdir
tmpdir updir);
@@ -104,9 +103,6 @@ use constant CVSWEBMARKUP => qr{^text/(x-cvsweb|vnd\.v
use constant LOG_FILESEPR => qr/^={77}$/o;
use constant LOG_REVSEPR => qr/^-{28}$/o;
-use constant HAS_ZLIB => eval { require Compress::Zlib; };
-use constant HAS_EDIFF => eval { require String::Ediff; };
-
# -----------------------------------------------------------------------------
# All global initialization that can be done in compile time should go to
@@ -115,7 +111,7 @@ use constant HAS_EDIFF => eval { require String::Ed
BEGIN
{
- $VERSION = '3.0.6';
+ $VERSION = '3.1';
$HTML_DOCTYPE =
' 'colored',
@@ -259,12 +241,6 @@ $allow_version_select = $allow_mailtos = $allow_log_ex
'opts' => ['-c'],
'colored' => 0,
},
- {
- 'descr' => 'side by side',
- # width=168 should be enough to support 80 character line lengths
- 'opts' => ['--side-by-side', '--width=168'],
- 'colored' => 0,
- },
);
@LOGSORTKEYS = qw(cvs date rev);
@@ -339,7 +315,7 @@ $maycompress = (
&& $ENV{HTTP_ACCEPT_ENCODING} =~ /gzip/)
|| $is_mozilla3)
&& !$is_msie
- && !(defined($ENV{MOD_PERL}) && !HAS_ZLIB)
+ && !(defined($ENV{MOD_PERL}))
);
# Parameters that will be sticky in all constructed links/query strings.
@@ -380,9 +356,17 @@ if (defined($ENV{QUERY_STRING})) {
$p =~ y/+/ /;
my ($key, $val) = split(/=/, $p, 2);
next unless defined($key);
- $val = 1 unless defined($val);
- ($key = uri_unescape($key)) =~ /[[:graph:]]/ or next;
- ($val = uri_unescape($val)) =~ /[[:graph:]]/ or next;
+ $key = uri_unescape($key);
+ $key =~ /([^a-z_12-])/ and fatal('404 Not Found',
+ 'Invalid character "%s" in query parameter "%s"', $1, $key);
+ if (defined $val) {
+ $val = uri_unescape($val);
+ $val =~ /([^a-zA-Z_01-9.\/-])/ and fatal('404 Not Found',
+ 'Invalid character "%s" in the value "%s" of the query parameter "%s"',
+ $1, $val, $key);
+ } else {
+ $val = 1;
+ }
$query{$key} = $val;
}
}
@@ -555,8 +539,8 @@ foreach (@stickyvars) {
}
if ($allow_enscript) {
- push(@DIFFTYPES, qw(uc cc sc));
- @DIFFTYPES{qw(uc cc sc)} = (
+ push(@DIFFTYPES, qw(uc cc));
+ @DIFFTYPES{qw(uc cc)} = (
{
'descr' => 'unified, colored',
'opts' => ['-u'],
@@ -567,12 +551,6 @@ if ($allow_enscript) {
'opts' => ['-c'],
'colored' => 0,
},
- {
- 'descr' => 'side by side, colored',
- # width=168 should be enough to support 80 character line lengths
- 'opts' => ['--side-by-side', '--width=168'],
- 'colored' => 0,
- },
);
} else {
# No Enscript -> respect difftype, but don't offer colorization.
@@ -785,6 +763,7 @@ if ($input{tarball}) {
}
# Clean up.
+ chdir("..");
rmtree($tmpexportdir);
&fatal(@fatal) if @fatal;
@@ -1198,7 +1177,7 @@ EOF
EOF
- for my $v qw(hidecvsroot hidenonreadable) {
+ for my $v (qw(hidecvsroot hidenonreadable)) {
printf(qq{\n},
$v, $input{$v} || 0);
}
@@ -1568,7 +1547,7 @@ sub htmlify($;$)
}{
my($text, $name, $section) = ($1, $2, defined($3) ? $3 : $4);
($name =~ /[A-Za-z]/ && $name !~ /\.(:|$)/)
- ? &link($text, sprintf($mancgi, $section, uri_escape($name)))
+ ? &link($text, sprintf($mancgi, uri_escape($name), $section))
: $text;
}egx;
} $_;
@@ -2319,18 +2298,8 @@ sub doDiff($$$$$$)
my @difftype = @{$difftype->{opts}};
my $human_readable = $difftype->{colored};
- # Apply special diff options. -p and -F are not available with side by side
- # diffs and may cause problems with older (< 2.8) versions of diffutils if
- # used with --side-by-side.
- if ($showfunc && $f !~ /^s/) {
- push(@difftype, '-p');
- while (my ($re1, $re2) = each %funcline_regexp) {
- if ($fullname =~ $re1) {
- push(@difftype, '-F', $re2);
- last;
- }
- }
- }
+ # Apply special diff options.
+ push @difftype, '-p' if $showfunc;
if ($human_readable) {
push(@difftype, '-w') if $hr_ignwhite;
@@ -2956,7 +2925,7 @@ sub printLog($$$;$$)
print "
\n";
print '';
- if (defined @mytz) {
+ if (@mytz) {
my ($est) = $mytz[(localtime($date{$_}))[8]];
print scalar localtime($date{$_}), " $est (";
} else {
@@ -3382,214 +3351,6 @@ EOF
}
} elsif ($state eq "PreChange") { # state eq "PreChange"
# we got removes with subsequent adds
- if (HAS_EDIFF) {
- # construct the suffix tree
- my $left_diff = join("\n", @$leftColRef[0..$leftRow-1]);
- my $right_diff = join("\n", @$rightColRef[0..$rightRow-1]);
- my $diff_str = String::Ediff::ediff($left_diff, $right_diff);
-
- my @diff_str = split(/ /, $diff_str);
- my $INFINITY = 10000000;
- push(@diff_str, ($INFINITY) x 8);
- my ($idx, $b1, $e1, $lb1, $le1, $b2, $e2, $lb2, $le2) =
- (0, @diff_str[0..7]);
- my ($l_cul, $r_cul) = (0, 0);
- my ($ldx, $rdx) = (0, 0);
- my (@left_html, @right_html);
- for (my $j = 0; $j < $leftRow; $j++) {
- my $line_len = length(@$leftColRef[$j]);
- my $line = @$leftColRef[$j];
- $l_cul += length($line) + 1; # includes "\n"
- my $l_culx = $l_cul - 1; # not includes "\n"
- if ($j < $lb1) {
- $line = spacedHtmlText($line);
- push(@left_html, "
%s
) to compress output