Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Accept the X-Forwarded-For HTTP header argument if input is coming from a socket with a remote address of "127.0.0.1". |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
29b558a1c10f6c627548f30bac8becd5 |
| User & Date: | drh 2013-08-03 22:42:02.232 |
Context
|
2013-08-03
| ||
| 23:19 | Enhance the test_env webpage so that it shows the original HTTP header text in showall=1 mode. ... (check-in: 03f07b5a66 user: drh tags: trunk) | |
| 22:42 | Accept the X-Forwarded-For HTTP header argument if input is coming from a socket with a remote address of "127.0.0.1". ... (check-in: 29b558a1c1 user: drh tags: trunk) | |
| 17:11 | Added missing U card from the initial description of Control Artifact requirements. ... (check-in: cac2d69546 user: stephan tags: trunk) | |
Changes
Changes to src/cgi.c.
| ︙ | ︙ | |||
1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 |
va_start(ap, zFormat);
vxprintf(pContent,zFormat,ap);
va_end(ap);
cgi_reply();
fossil_exit(1);
}
}
/*
** Remove the first space-delimited token from a string and return
** a pointer to it. Add a NULL to the string to terminate the token.
** Make *zLeftOver point to the start of the next token.
*/
static char *extract_token(char *zInput, char **zLeftOver){
| > > > > > > > > > > | 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 |
va_start(ap, zFormat);
vxprintf(pContent,zFormat,ap);
va_end(ap);
cgi_reply();
fossil_exit(1);
}
}
/* z[] is the value of an X-FORWARDED-FOR: line in an HTTP header.
** Return true if we should accept this value as a real IP address.
** Return false to stick with the IP address previously computed and
** loaded into g.zIpAddr.
*/
static int cgi_accept_forwarded_for(const char *z){
if( fossil_strcmp(g.zIpAddr, "127.0.0.1")==0 ) return 1;
return 0;
}
/*
** Remove the first space-delimited token from a string and return
** a pointer to it. Add a NULL to the string to terminate the token.
** Make *zLeftOver point to the start of the next token.
*/
static char *extract_token(char *zInput, char **zLeftOver){
|
| ︙ | ︙ | |||
1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 |
cgi_setenv("HTTP_IF_MODIFIED_SINCE", zVal);
#if 0
}else if( fossil_strcmp(zFieldName,"referer:")==0 ){
cgi_setenv("HTTP_REFERER", zVal);
#endif
}else if( fossil_strcmp(zFieldName,"user-agent:")==0 ){
cgi_setenv("HTTP_USER_AGENT", zVal);
}
}
cgi_init();
cgi_trace(0);
}
#if INTERFACE
| > > > > > | 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 |
cgi_setenv("HTTP_IF_MODIFIED_SINCE", zVal);
#if 0
}else if( fossil_strcmp(zFieldName,"referer:")==0 ){
cgi_setenv("HTTP_REFERER", zVal);
#endif
}else if( fossil_strcmp(zFieldName,"user-agent:")==0 ){
cgi_setenv("HTTP_USER_AGENT", zVal);
}else if( fossil_strcmp(zFieldName,"x-forwarded-for:")==0 ){
if( cgi_accept_forwarded_for(zVal) ){
g.zIpAddr = mprintf("%s", zVal);
cgi_replace_parameter("REMOTE_ADDR", g.zIpAddr);
}
}
}
cgi_init();
cgi_trace(0);
}
#if INTERFACE
|
| ︙ | ︙ |