# You should have received a copy of the GNU Affero General Public License
# along with CGIlite. If not, see <http://www.gnu.org/licenses/>.
+ [ -n "$include_cgilite" ] && return 0
+ # guard set after webserver part
+
# ksh and zsh workaround
# set -o posix # ksh, not portable
setopt -o OCTAL_ZEROES 2>&-
exit 0
fi
+ include_cgilite="$0"
+
if [ "${REQUEST_METHOD}" = POST -a "${CONTENT_LENGTH:-0}" -gt 0 -a \
"${CONTENT_TYPE}" = "application/x-www-form-urlencoded" ]; then
cgilite_post="$(head -c "$CONTENT_LENGTH")"
fi
+ debug(){ [ $# -gt 0 ] && printf '%s\n' "$@" >&2 || tee -a /dev/stderr; }
[ "${DEBUG+x}" ] && env >&2
cgilite_count(){
\'*) out="${out}'";;
\[*) out="${out}[";;
\]*) out="${out}]";;
+ "${CR}"*) out="${out}
";;
"${BR}"*) out="${out}
";;
*) out="${out}${str%"${str#?}"}";;
esac
\[*) out="${out}%5B";;
\]*) out="${out}%5D";;
\ *) out="${out}%20";;
+ " "*) out="${out}%09";;
+ "${CR}"*) out="${out}%0D";;
"${BR}"*) out="${out}%0A";;
%*) out="${out}%25";;
*) out="${out}${str%"${str#?}"}";;
svg) printf 'image/svg+xml';;
gif) printf 'image/gif';;
webm) printf 'video/webm';;
- mp4) printf 'video/mp4';;
+ mp4|m4v) printf 'video/mp4';;
+ m4a) printf 'audio/mp4';;
ogg) printf 'audio/ogg';;
xml) printf 'application/xml';;
+ m3u8) printf 'application/x-mpegURL';;
+ ts) printf 'video/MP2T';;
+ mpd) printf 'application/dash+xml';;
+ m4s) printf 'video/iso.segment';;
*) printf 'application/octet-stream';;
esac
}
local session sid time sig serverkey checksig
IFS=- read -r sid time sig <<-END
- $(COOKIE session)
+ $(POST session_key || COOKIE session)
END
serverkey="$(server_key)"
-a "$time" -ge "$_DATE" \
-a "$(printf %s "$sid" |checkid)" ] 2>&-
then
- debug Setting up new session
+ debug "Setting up new session"
sid="$(randomid)"
fi
printf %s\\n "${sid}-${time}-${sig}"
}
- SESSION_ID="$(update_session)"
- SET_COOKIE 0 session="$SESSION_ID" Path=/ SameSite=Strict HttpOnly
- SESSION_ID="${SESSION_ID%%-*}"
+ SESSION_KEY="$(update_session)"
+ SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
+ SESSION_ID="${SESSION_KEY%%-*}"