diff options
author | nijtmans <nijtmans> | 2009-11-11 06:49:04 (GMT) |
---|---|---|
committer | nijtmans <nijtmans> | 2009-11-11 06:49:04 (GMT) |
commit | 8be022f88dcd5cbe494a84980ba3d14df3e18f48 (patch) | |
tree | 6d82be7455eb7c7a8cf8046cf518e5b9c40057d5 /library | |
parent | 69e155a5691d03e8293409bdc307651f0c92494e (diff) | |
download | tcl-8be022f88dcd5cbe494a84980ba3d14df3e18f48.zip tcl-8be022f88dcd5cbe494a84980ba3d14df3e18f48.tar.gz tcl-8be022f88dcd5cbe494a84980ba3d14df3e18f48.tar.bz2 |
Fix [Bug 2891171]: URL checking too strict when using multiple question marks
Diffstat (limited to 'library')
-rw-r--r-- | library/http/http.tcl | 34 | ||||
-rw-r--r-- | library/http/pkgIndex.tcl | 2 |
2 files changed, 18 insertions, 18 deletions
diff --git a/library/http/http.tcl b/library/http/http.tcl index 18487fb..6ec2a54 100644 --- a/library/http/http.tcl +++ b/library/http/http.tcl @@ -8,12 +8,12 @@ # See the file "license.terms" for information on usage and redistribution of # this file, and for a DISCLAIMER OF ALL WARRANTIES. # -# RCS: @(#) $Id: http.tcl,v 1.77 2009/09/10 21:20:01 dkf Exp $ +# RCS: @(#) $Id: http.tcl,v 1.78 2009/11/11 06:49:05 nijtmans Exp $ package require Tcl 8.6 # Keep this in sync with pkgIndex.tcl and with the install directories in # Makefiles -package provide http 2.8.1 +package provide http 2.8.2 namespace eval http { # Allow resourcing to not clobber existing data @@ -100,7 +100,7 @@ namespace eval http { # Arguments: # msg Message to output # -if {[info command http::Log] eq {}} { proc http::Log {args} {} } +if {[info command http::Log] eq {}} {proc http::Log {args} {}} # http::register -- # @@ -201,7 +201,7 @@ proc http::Finish {token {errormsg ""} {skipCB 0}} { if { ($state(status) eq "timeout") || ($state(status) eq "error") || ([info exists state(connection)] && ($state(connection) eq "close")) - } then { + } { CloseSocket $state(sock) $token } if {[info exists state(after)]} { @@ -369,7 +369,7 @@ proc http::geturl {url args} { if { [info exists type($flag)] && ![string is $type($flag) -strict $value] - } then { + } { unset $token return -code error \ "Bad value for $flag ($value), must be $type($flag)" @@ -439,7 +439,7 @@ proc http::geturl {url args} { ( [^/:\#?]+ ) # <host part of authority> (?: : (\d+) )? # <port part of authority> )? - ( / [^\#?]* (?: \? [^\#?]* )?)? # <path> (including query) + ( / [^\#]*)? # <path> (including query) (?: \# (.*) )? # <fragment> $ } @@ -728,7 +728,7 @@ proc http::geturl {url args} { # versions TclHttpd in various error cases). Depending on the # platform, the client may or may not be able to get the response from # the server because of the error it will get trying to write the post - # data. Having both fileevents active changes the timing and the + # data. Having both fileevents active changes the timing and the # behavior, but no two platforms (among Solaris, Linux, and NT) behave # the same, and none behave all that well in any case. Servers should # always read their POST data if they expect the client to read their @@ -759,7 +759,7 @@ proc http::geturl {url args} { return -code error [lindex $state(error) 0] } } - } err]} then { + } err]} { # The socket probably was never connected, or the connection dropped # later. @@ -867,7 +867,7 @@ proc http::Connect {token} { if { [eof $state(sock)] || [string length [fconfigure $state(sock) -error]] - } then { + } { Finish $token "connect failed [fconfigure $state(sock) -error]" 1 } else { set state(status) connect @@ -918,7 +918,7 @@ proc http::Write {token} { set done 1 } } - } err]} then { + } err]} { # Do not call Finish here, but instead let the read half of the socket # process whatever server reply there is to get. @@ -997,7 +997,7 @@ proc http::Event {sock token} { && ($state(connection) eq "close")) || [info exists state(transfer)]) && ($state(totalsize) == 0) - } then { + } { Log "body size is 0 and no events likely - complete." Eof $token return @@ -1008,7 +1008,7 @@ proc http::Event {sock token} { if { $state(-binary) || ![string match -nocase text* $state(type)] - } then { + } { # Turn off conversions for non-text data set state(binary) 1 } @@ -1076,7 +1076,7 @@ proc http::Event {sock token} { } elseif { [info exists state(transfer)] && $state(transfer) eq "chunked" - } then { + } { set size 0 set chunk [getTextLine $sock] set n [string length $chunk] @@ -1116,11 +1116,11 @@ proc http::Event {sock token} { if { ($state(totalsize) > 0) && ($state(currentsize) >= $state(totalsize)) - } then { + } { Eof $token } } - } err]} then { + } err]} { return [Finish $token $err] } else { if {[info exists state(-progress)]} { @@ -1397,7 +1397,7 @@ proc http::ProxyRequired {host} { if { ![info exists http(-proxyport)] || ![string length $http(-proxyport)] - } then { + } { set http(-proxyport) 8080 } return [list $http(-proxyhost) $http(-proxyport)] @@ -1481,7 +1481,7 @@ proc http::make-transformation-chunked {chan command} { } if {[catch { uplevel #0 [linsert $command end $chunk] - }]} then { + }]} { http::Log "Error in callback: $::errorInfo" } if {[string length $chunk] == 0} { diff --git a/library/http/pkgIndex.tcl b/library/http/pkgIndex.tcl index b953d49..82b2e0b 100644 --- a/library/http/pkgIndex.tcl +++ b/library/http/pkgIndex.tcl @@ -1,2 +1,2 @@ if {![package vsatisfies [package provide Tcl] 8.6]} {return} -package ifneeded http 2.8.1 [list tclPkgSetup $dir http 2.8.1 {{http.tcl source {::http::config ::http::formatQuery ::http::geturl ::http::reset ::http::wait ::http::register ::http::unregister ::http::mapReply}}}] +package ifneeded http 2.8.2 [list tclPkgSetup $dir http 2.8.2 {{http.tcl source {::http::config ::http::formatQuery ::http::geturl ::http::reset ::http::wait ::http::register ::http::unregister ::http::mapReply}}}] |