#!/bin/sh
-# Copyright 2017 Paul Hänsch
+# Copyright 2017 - 2018 Paul Hänsch
#
# This is CGIlite.
# A collection of posix shell functions for writing CGI scripts.
CR="$(printf '\r')"
HEADER(){
- if [ -n "$cgilite_headers+x" ]; then
+ # Read value of header line. Use this instead of
+ # referencing HTTP_* environment variables.
+ if [ -n "${cgilite_headers+x}" ]; then
printf %s "$cgilite_headers" \
- | sed -rn 's;^'"${1}"': ([^\r]+)\r?$;\1;ip;q;'
+ | sed -rn 's;^'"${1}"': ([^\r]+)\r?$;\1;i; tX; d; :X;p;q;'
else
- eval $(printf 'printf $HTTP_'; printf '%s' "${1}" |tr '[a-z]-' '[A-Z]_')
+ eval "printf %s \"\$HTTP_$(printf %s "${1}" |tr a-z A-Z |tr -c A-Z _)\""
fi
}
-if [ "$1" = '--inetd' -a -z "$REQUEST_METHOD" ]; then
+HEX_DECODE(){
+ printf "$(printf %s "$1" \
+ | sed -r '
+ s;\\;\\\\;g; :x; s;%([^0-9A-F]);\\045\1;g; tx;
+ # Hexadecimal { %00 - %FF } will be transformed to octal { \000 - \377 } for posix printf
+ s;%[0123].;&\\0;g; s;%[4567].;&\\1;g; s;%[89AB].;&\\2;g; s;%[CDEF].;&\\3;g;
+ s;%[048C][0-7]\\.;&0;g; s;%[048C][89A-F]\\.;&1;g; s;%[159D][0-7]\\.;&2;g; s;%[159D][89A-F]\\.;&3;g;
+ s;%[26AE][0-7]\\.;&4;g; s;%[26AE][89A-F]\\.;&5;g; s;%[37BF][0-7]\\.;&6;g; s;%[37BF][89A-F]\\.;&7;g;
+ s;%.[08](\\..);\10;g; s;%.[19](\\..);\11;g; s;%.[2A](\\..);\12;g; s;%.[3B](\\..);\13;g;
+ s;%.[4C](\\..);\14;g; s;%.[5D](\\..);\15;g; s;%.[6E](\\..);\16;g; s;%.[7F](\\..);\17;g;
+ ')"
+}
+
+if [ -z "$REQUEST_METHOD" -a -z "$SERVER_PROTOCOL" ]; then
+ # no webserver variables means we are running via inetd / ncat
+ # so use builtin web server
REMOTE_ADDR="${TCPREMOTEIP:-$NCAT_REMOTE_ADDR}"
SERVER_NAME="${TCPLOCALIP:-$NCAT_LOCAL_ADDR}"
SERVER_PORT="${TCPLOCALPORT:-$NCAT_LOCAL_PORT}"
read REQUEST_METHOD REQUEST_URI SERVER_PROTOCOL
- PATH_INFO="${REQUEST_URI%\?*}"
+ PATH_INFO="$(HEX_DECODE "${REQUEST_URI%\?*}")"
QUERY_STRING="${REQUEST_URI#*\?}"
cgilite_headers="$(sed -u '/^\r\?$/q')"
HTTP_CONTENT_LENGTH="$(HEADER Content-Length |grep -xE '[0-9]+')"
- HTTP_COOKIE="$(HEADER Cookie)"
export REMOTE_ADDR SERVER_NAME SERVER_PORT REQUEST_METHOD REQUEST_URI SERVER_PROTOCOL \
- PATH_INFO QUERY_STRING HTTP_CONTENT_LENGTH HTTP_COOKIE
+ PATH_INFO QUERY_STRING HTTP_CONTENT_LENGTH
- . "$0" |sed '1{s;^Status: ;HTTP/1.0 ;; t; iHTTP/1.0 200 OK\r
- }'
+ . "$0" |sed '1{s;^Status: ;HTTP/1.0 ;; t; s;^;HTTP/1.0 200 OK\r\n;;}'
exit $?
fi
}
cgilite_value(){
- printf "$(
+ HEX_DECODE "$(
case $1 in
GET) printf %s "&${QUERY_STRING}";;
POST) printf %s "&${cgilite_post}";;
REF) printf %s "&${HTTP_REFERER#*\?}";;
esac \
| grep -Eo '&'"$2"'=[^&]*' \
- | sed -rn "${3:-1}"'{s;^[^=]+=;;; s;\+; ;g; s;\\;\\\\;g;
- # Hexadecimal { %00 - %FF } will be transformed to octal { \000 - \377 } for posix printf
- s;%[0123].;&\\0;g; s;%[4567].;&\\1;g; s;%[89AB].;&\\2;g; s;%[CDEF].;&\\3;g;
- s;%[048C][0-7]\\.;&0;g; s;%[048C][89A-F]\\.;&1;g; s;%[159D][0-7]\\.;&2;g; s;%[159D][89A-F]\\.;&3;g;
- s;%[26AE][0-7]\\.;&4;g; s;%[26AE][89A-F]\\.;&5;g; s;%[37BF][0-7]\\.;&6;g; s;%[37BF][89A-F]\\.;&7;g;
- s;%.[08](\\..);\10;g; s;%.[19](\\..);\11;g; s;%.[2A](\\..);\12;g; s;%.[3B](\\..);\13;g;
- s;%.[4C](\\..);\14;g; s;%.[5D](\\..);\15;g; s;%.[6E](\\..);\16;g; s;%.[7F](\\..);\17;g;
- p}'
+ | sed -rn "${3:-1}"'{s;^[^=]+=;;; s;\+; ;g; p;}'
)"
}
REF_COUNT(){ cgilite_count REF $1; }
COOKIE(){
- printf "$(
+ HEX_DECODE "$(
HEADER Cookie \
| grep -oE '(^|; ?)'"$1"'=[^;]*' \
- | sed -rn "${2:-1}"'{s;^[^=]+=;;; s;\+; ;g; s;\\;\\\\;g;
- # Hexadecimal { %00 - %FF } will be transformed to octal { \000 - \377 } for posix printf
- s;%[0123].;&\\0;g; s;%[4567].;&\\1;g; s;%[89AB].;&\\2;g; s;%[CDEF].;&\\3;g;
- s;%[048C][0-7]\\.;&0;g; s;%[048C][89A-F]\\.;&1;g; s;%[159D][0-7]\\.;&2;g; s;%[159D][89A-F]\\.;&3;g;
- s;%[26AE][0-7]\\.;&4;g; s;%[26AE][89A-F]\\.;&5;g; s;%[37BF][0-7]\\.;&6;g; s;%[37BF][89A-F]\\.;&7;g;
- s;%.[08](\\..);\10;g; s;%.[19](\\..);\11;g; s;%.[2A](\\..);\12;g; s;%.[3B](\\..);\13;g;
- s;%.[4C](\\..);\14;g; s;%.[5D](\\..);\15;g; s;%.[6E](\\..);\16;g; s;%.[7F](\\..);\17;g;
- p}'
+ | sed -rn "${2:-1}"'{s;^[^=]+=;;; s;\+; ;g; p;}'
)"
}
-COOKIE foo
-echo
-COOKIE bar
-
HTML(){
# HTML Entity Coding
# Prints UTF-8 string as decimal Unicode Code Points