summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorReyk Floeter <reyk@cvs.openbsd.org>2015-06-22 11:46:07 +0000
committerReyk Floeter <reyk@cvs.openbsd.org>2015-06-22 11:46:07 +0000
commit6c8ff3e71101c8d437eaaffb17e06b448f87c564 (patch)
treeea913bf180a491f6c436b9e0e8be605c39b9c593
parent4f7aa4c18a69a7a907e70fa9e079a1e397583071 (diff)
After the last change, we also have to url_encode $SERVER_NAME and
$REMOTE_USER before using them in the Location. From Sebastien Marie (semarie)
-rw-r--r--usr.sbin/httpd/server_http.c25
1 files changed, 16 insertions, 9 deletions
diff --git a/usr.sbin/httpd/server_http.c b/usr.sbin/httpd/server_http.c
index 472fe728100..37555f84a36 100644
--- a/usr.sbin/httpd/server_http.c
+++ b/usr.sbin/httpd/server_http.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: server_http.c,v 1.81 2015/06/21 13:08:36 reyk Exp $ */
+/* $OpenBSD: server_http.c,v 1.82 2015/06/22 11:46:06 reyk Exp $ */
/*
* Copyright (c) 2006 - 2015 Reyk Floeter <reyk@openbsd.org>
@@ -925,12 +925,15 @@ server_expand_http(struct client *clt, const char *val, char *buf,
}
if (strstr(val, "$REMOTE_USER") != NULL) {
if ((srv_conf->flags & SRVFLAG_AUTH) &&
- clt->clt_remote_user != NULL)
- str = clt->clt_remote_user;
- else
- str = "";
- if (expand_string(buf, len,
- "$REMOTE_USER", str) != 0)
+ clt->clt_remote_user != NULL) {
+ if ((str = url_encode(clt->clt_remote_user))
+ == NULL)
+ return (NULL);
+ } else
+ str = strdup("");
+ ret = expand_string(buf, len, "$REMOTE_USER", str);
+ free(str);
+ if (ret != 0)
return (NULL);
}
}
@@ -973,8 +976,12 @@ server_expand_http(struct client *clt, const char *val, char *buf,
return (NULL);
}
if (strstr(val, "$SERVER_NAME") != NULL) {
- if (expand_string(buf, len,
- "$SERVER_NAME", srv_conf->name) != 0)
+ if ((str = url_encode(srv_conf->name))
+ == NULL)
+ return (NULL);
+ ret = expand_string(buf, len, "$SERVER_NAME", str);
+ free(str);
+ if (ret != 0)
return (NULL);
}
}