# You should have received a copy of the GNU Affero General Public License
# along with shcgi. If not, see <http://www.gnu.org/licenses/>.
+unset _GET _POST _REF _COOKIE
declare -A _GET
declare -A _POST
declare -A _REF
debug "_GET[$key] => $val"
done
-if [ "$REQUEST_METHOD" = POST ]; then
+if [ "$REQUEST_METHOD" = POST -a "${HTTP_CONTENT_LENGTH:=$CONTENT_LENGTH}" -gt 0 ]; then
# parse HTTP POST string
debug "== CGI DATA: POST =="
- sed -u 1q |tr '&' '\n' |while read query; do
+ head -c "$HTTP_CONTENT_LENGTH" \
+ | sed -un 's;&;\n;g; p; q' \
+ | while read query; do
key="$(printf %s "$query" |sed -r 's:^([\.a-zA-Z0-9_-]+)=(.*)$:\1:')"
val="$(printf %s "$query" |sed -r 's:^([\.a-zA-Z0-9_-]+)=(.*)$:\2:')"
value="$(printf "$(printf %s "$val" |sed 's:+: :g;s:\\:\\\\:g;s:%:\\x:g;')")"
s;%67;g;g; s;%68;h;g; s;%69;i;g; s;%6A;j;g; s;%6B;k;g; s;%6C;l;g;
s;%6D;m;g; s;%6E;n;g; s;%6F;o;g; s;%70;p;g; s;%71;q;g; s;%72;r;g;
s;%73;s;g; s;%74;t;g; s;%75;u;g; s;%76;v;g; s;%77;w;g; s;%78;x;g;
- s;%79;y;g; s;%7A;z;g;'
+ s;%79;y;g; s;%7A;z;g; s;%2D;-;g; s;%2E;.;g; s;%2F;/;g; s;%5F;_;g'
}
attribsafe(){
# except alphanumerig ascii
printf %s "$*" \
- | hexdump -v -e '/1 "&#x%02X;"' \
+ | iconv -f utf-8 -t utf32le \
+ | hexdump -v -e '/4 "&#x%02X;"' \
| sed 's;0\;;0;g; s;1\;;1;g; s;2\;;2;g; s;3\;;3;g; s;4\;;4;g; s;5\;;5;g;
s;6\;;6;g; s;7\;;7;g; s;8\;;8;g; s;9\;;9;g;
s;A\;;A;g; s;B\;;B;g; s;C\;;C;g; s;D\;;D;g; s;E\;;E;g; s;F\;;F;g;
}
redirect(){
- printf '%s\n\n' "Location: $*"
+ printf '%s\r\n\r\n' "Location: $*"
exit 0
}
printf 'Set-Cookie: %s' "$cookie"
[ -n "$expire" ] && printf '; Expires=%s' "$expire"
[ $# -ge 3 ] && shift 2 && printf '; %s' "$@"
- printf '\n'
+ printf '\r\n'
}