ViewVC Help
View File | Revision Log | Show Annotations | Download File
/cvs/Coro/myhttpd/httpd.pl
(Generate patch)

Comparing Coro/myhttpd/httpd.pl (file contents):
Revision 1.84 by root, Sat Dec 8 21:01:16 2007 UTC vs.
Revision 1.85 by root, Mon Feb 18 17:48:00 2008 UTC

424sub map_uri { 424sub map_uri {
425 my $self = shift; 425 my $self = shift;
426 my $host = $self->{server_name}; 426 my $host = $self->{server_name};
427 my $uri = $self->{uri}; 427 my $uri = $self->{uri};
428 428
429 $host =~ /[\/\\]/
430 and $self->err(400, "bad request");
431
429 # some massaging, also makes it more secure 432 # some massaging, also makes it more secure
430 $uri =~ s/%([0-9a-fA-F][0-9a-fA-F])/chr hex $1/ge; 433 $uri =~ s/%([0-9a-fA-F][0-9a-fA-F])/chr hex $1/ge;
431 $uri =~ s%//+%/%g; 434 $uri =~ s%//+%/%g;
432 $uri =~ s%/\.(?=/|$)%%g; 435 $uri =~ s%/\.(?=/|$)%%g;
433 1 while $uri =~ s%/[^/]+/\.\.(?=/|$)%%; 436 1 while $uri =~ s%/[^/]+/\.\.(?=/|$)%%;

Diff Legend

Removed lines
+ Added lines
< Changed lines
> Changed lines