From a97964688b73d0a3237c798dce3fb064ff29ff11 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 17 Apr 2010 19:05:40 -0400 Subject: unfinished file_prune revamp Many calls to file_prune were incorrectly calling it with 2 parameters. In cases where the filename being checked is relative to the srcdir, that is not needed. Made absolute filenames be pruned. (This won't work for the 2 parameter call style.) --- IkiWiki/Plugin/editpage.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'IkiWiki/Plugin/editpage.pm') diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index 44fe5514a..ee1de8eaa 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -94,7 +94,7 @@ sub cgi_editpage ($$) { $page=possibly_foolish_untaint($page); my $absolute=($page =~ s#^/+##); if (! defined $page || ! length $page || - file_pruned($page, $config{srcdir})) { + file_pruned($page)) { error(gettext("bad page name")); } @@ -220,7 +220,7 @@ sub cgi_editpage ($$) { my $best_loc; if (! defined $from || ! length $from || $from ne $form->field('from') || - file_pruned($from, $config{srcdir}) || + file_pruned($from) || $from=~/^\// || $absolute || $form->submitted) { -- cgit v1.2.3 From 7a92c0aa4aea1bffc9090d982c4b55af9e0b0c02 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 20 Apr 2010 13:49:46 -0400 Subject: clarify why absolute is tested & stripped here file_prune also fails on absolute filenames now --- IkiWiki/Plugin/editpage.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'IkiWiki/Plugin/editpage.pm') diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index ee1de8eaa..dff777138 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -92,7 +92,7 @@ sub cgi_editpage ($$) { # wiki_file_regexp. my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/; $page=possibly_foolish_untaint($page); - my $absolute=($page =~ s#^/+##); + my $absolute=($page =~ s#^/+##); # absolute name used for force location if (! defined $page || ! length $page || file_pruned($page)) { error(gettext("bad page name")); -- cgit v1.2.3 From 230a8b22a471c018c8ec48cd07427c42238a4970 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 20 Apr 2010 13:59:17 -0400 Subject: remove explicit absolute test file_pruned now tests for that --- IkiWiki/Plugin/editpage.pm | 1 - 1 file changed, 1 deletion(-) (limited to 'IkiWiki/Plugin/editpage.pm') diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index dff777138..2130a8402 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -221,7 +221,6 @@ sub cgi_editpage ($$) { if (! defined $from || ! length $from || $from ne $form->field('from') || file_pruned($from) || - $from=~/^\// || $absolute || $form->submitted) { @page_locs=$best_loc=$page; -- cgit v1.2.3 From 81eae1a531ab6e538985a8531b39ef3c5f865bdc Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 20 Apr 2010 14:25:17 -0400 Subject: typo --- IkiWiki/Plugin/editpage.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'IkiWiki/Plugin/editpage.pm') diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm index 2130a8402..26e38abc1 100644 --- a/IkiWiki/Plugin/editpage.pm +++ b/IkiWiki/Plugin/editpage.pm @@ -92,7 +92,7 @@ sub cgi_editpage ($$) { # wiki_file_regexp. my ($page)=$form->field('page')=~/$config{wiki_file_regexp}/; $page=possibly_foolish_untaint($page); - my $absolute=($page =~ s#^/+##); # absolute name used for force location + my $absolute=($page =~ s#^/+##); # absolute name used to force location if (! defined $page || ! length $page || file_pruned($page)) { error(gettext("bad page name")); -- cgit v1.2.3