X-Git-Url: http://git.plutz.net/?p=cgilite;a=blobdiff_plain;f=cgilite.sh;h=333334c460f5cae9bc763f0079584a41132f70c5;hp=b47a3e2e683219b773af4383059a6701f2d44d46;hb=refs%2Fheads%2Fmaster;hpb=e5e180a2c21f271b87e82a8e4894f63b5bf2af34 diff --git a/cgilite.sh b/cgilite.sh index b47a3e2..b2467c3 100755 --- a/cgilite.sh +++ b/cgilite.sh @@ -1,22 +1,21 @@ #!/bin/sh -# Copyright 2017 - 2021 Paul Hänsch -# # This is CGIlite. # A collection of posix shell functions for writing CGI scripts. + +# Copyright 2017 - 2023 Paul Hänsch # -# CGIlite is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# CGIlite is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. # -# You should have received a copy of the GNU Affero General Public License -# along with CGIlite. If not, see . +# THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY +# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +# IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. [ -n "$include_cgilite" ] && return 0 # guard set after webserver part @@ -85,8 +84,14 @@ HEX_DECODE(){ # will be copied to the output literally while [ "$in" ]; do + [ "$pfx" ] || case $in in + [0-9a-fA-F][0-9a-fA-F]*):;; + ?*) out="${out}${in%%"${in#?}"}" + in="${in#?}"; continue;; + esac + case $in in - "$pfx"[0-9a-fA-F][0-9a-fA-F]*) in="${in#${pfx}}";; + "$pfx"[0-9a-fA-F][0-9a-fA-F]*) in="${in#"${pfx}"}";; \\*) in="${in#?}"; out="${out}\\\\"; continue;; %*) in="${in#?}"; out="${out}%%"; continue;; *) att="${in%%"${pfx}"*}"; att="${att%%%*}"; att="${att%%\\*}" @@ -264,7 +269,7 @@ HEADER(){ str="${str#*${BR}${1}: }" printf %s "${str%%${BR}*}" else - local var="HTTP_$(printf %s "$1" |tr a-z- A-Z-)" + local var="HTTP_$(printf %s "$1" |tr a-z- A-Z_)" eval "[ \"\$$var\" ] && printf %s \"\$$var\" || return 1" # eval "printf %s \"\$HTTP_$(printf %s "${1}" |tr a-z A-Z |tr -c A-Z _)\"" fi @@ -294,7 +299,7 @@ HTML(){ \]*) out="${out}]"; str="${str#?}";; "${CR}"*) out="${out} "; str="${str#?}";; "${BR}"*) out="${out} "; str="${str#?}";; - *) out="${out}${str%%[]&<>\"\'[]*}"; str="${str#"${str%%[]&<>\"\'[]*}"}";; + *) out="${out}${str%%[]&<>\"\'${CR}${BR}[]*}"; str="${str#"${str%%[]&<>\"\'${CR}${BR}[]*}"}";; esac; done printf %s "$out" } @@ -307,6 +312,7 @@ URL(){ \&*) out="${out}%26"; str="${str#?}";; \"*) out="${out}%22"; str="${str#?}";; \'*) out="${out}%27"; str="${str#?}";; + \`*) out="${out}%60"; str="${str#?}";; \?*) out="${out}%3F"; str="${str#?}";; \#*) out="${out}%23"; str="${str#?}";; \[*) out="${out}%5B"; str="${str#?}";;