From 6940bf78a6d2dd6080f8d7f720eb66c17d1a11db Mon Sep 17 00:00:00 2001 From: =?utf8?q?Paul=20H=C3=A4nsch?= Date: Thu, 5 Jul 2018 14:40:11 +0200 Subject: [PATCH 1/1] path cononicalization function (works on non-exist pathes unlike realpath) --- cgilite.sh | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/cgilite.sh b/cgilite.sh index f227d27..13cdb3c 100755 --- a/cgilite.sh +++ b/cgilite.sh @@ -50,7 +50,7 @@ HEX_DECODE(){ ')" } -if [ -z "$REQUEST_METHOD" -a -z "$SERVER_PROTOCOL" ]; then +if [ -z "$REQUEST_METHOD" ]; then # no webserver variables means we are running via inetd / ncat # so use builtin web server @@ -173,6 +173,18 @@ URL(){ | tr , % } +PATH(){ + printf %s "$1" \ + | sed -r 's;^.*$;/&/;; s;/+;/;g; + :X; + s;^/../;/;; s;/./;/;g; + tX; + s;/[^/]+/../;/;; + tX; + s;^(/.*)/$;\1;' +} + + SET_COOKIE(){ case "$1" in ''|0|session) expire='';; -- 2.39.2