28 |
exit; |
exit; |
29 |
} |
} |
30 |
|
|
31 |
my $input_format = $http->parameter ('i') || 'text/html'; |
require Message::DOM::DOMImplementation; |
32 |
my $inner_html_element = $http->parameter ('e'); |
my $dom = Message::DOM::DOMImplementation->new; |
|
my $input_uri = 'thismessage:/'; |
|
33 |
|
|
34 |
my $s = $http->parameter ('s'); |
my $input = get_input_document ($http, $dom); |
35 |
if (length $s > 1000_000) { |
my $inner_html_element = $http->parameter ('e'); |
|
print STDOUT "Status: 400 Document Too Long\nContent-Type: text/plain; charset=us-ascii\n\nToo long"; |
|
|
exit; |
|
|
} |
|
36 |
|
|
37 |
load_text_catalog ('en'); ## TODO: conneg |
load_text_catalog ('en'); ## TODO: conneg |
38 |
|
|
50 |
|
|
51 |
<div id="document-info" class="section"> |
<div id="document-info" class="section"> |
52 |
<dl> |
<dl> |
53 |
|
<dt>Request URI</dt> |
54 |
|
<dd><code class="URI" lang=""><<a href="@{[htescape $input->{request_uri}]}">@{[htescape $input->{request_uri}]}</a>></code></dd> |
55 |
<dt>Document URI</dt> |
<dt>Document URI</dt> |
56 |
<dd><code class="URI" lang=""><<a href="@{[htescape $input_uri]}">@{[htescape $input_uri]}</a>></code></dd> |
<dd><code class="URI" lang=""><<a href="@{[htescape $input->{uri}]}">@{[htescape $input->{uri}]}</a>></code></dd> |
|
<dt>Internet Media Type</dt> |
|
|
<dd><code class="MIME" lang="en">@{[htescape $input_format]}</code></dd> |
|
57 |
]; # no </dl> yet |
]; # no </dl> yet |
58 |
push @nav, ['#document-info' => 'Information']; |
push @nav, ['#document-info' => 'Information']; |
59 |
|
|
60 |
require Message::DOM::DOMImplementation; |
if (defined $input->{s}) { |
61 |
my $dom = Message::DOM::DOMImplementation->____new; |
|
62 |
|
print STDOUT qq[ |
63 |
|
<dt>Base URI</dt> |
64 |
|
<dd><code class="URI" lang=""><<a href="@{[htescape $input->{base_uri}]}">@{[htescape $input->{base_uri}]}</a>></code></dd> |
65 |
|
<dt>Internet Media Type</dt> |
66 |
|
<dd><code class="MIME" lang="en">@{[htescape $input->{media_type}]}</code> |
67 |
|
@{[$input->{media_type_overridden} ? '<em>(overridden)</em>' : '']}</dd> |
68 |
|
<dt>Character Encoding</dt> |
69 |
|
<dd>@{[defined $input->{charset} ? '<code class="charset" lang="en">'.htescape ($input->{charset}).'</code>' : '(none)']} |
70 |
|
@{[$input->{charset_overridden} ? '<em>(overridden)</em>' : '']}</dd> |
71 |
|
</dl> |
72 |
|
</div> |
73 |
|
]; |
74 |
|
|
75 |
|
print_http_header_section ($input); |
76 |
|
|
77 |
my $doc; |
my $doc; |
78 |
my $el; |
my $el; |
79 |
|
|
80 |
if ($input_format eq 'text/html') { |
if ($input->{media_type} eq 'text/html') { |
81 |
require Encode; |
require Encode; |
82 |
require Whatpm::HTML; |
require Whatpm::HTML; |
83 |
|
|
84 |
$s = Encode::decode ('utf-8', $s); |
my $t = Encode::decode ($input->{charset}, $input->{s}); |
85 |
|
|
86 |
print STDOUT qq[ |
print STDOUT qq[ |
|
<dt>Character Encoding</dt> |
|
|
<dd>(none)</dd> |
|
|
</dl> |
|
|
</div> |
|
|
|
|
|
<div id="source-string" class="section"> |
|
|
<h2>Document Source</h2> |
|
|
]; |
|
|
push @nav, ['#source-string' => 'Source']; |
|
|
print_source_string (\$s); |
|
|
print STDOUT qq[ |
|
|
</div> |
|
|
|
|
87 |
<div id="parse-errors" class="section"> |
<div id="parse-errors" class="section"> |
88 |
<h2>Parse Errors</h2> |
<h2>Parse Errors</h2> |
89 |
|
|
110 |
if (defined $inner_html_element and length $inner_html_element) { |
if (defined $inner_html_element and length $inner_html_element) { |
111 |
$el = $doc->create_element_ns |
$el = $doc->create_element_ns |
112 |
('http://www.w3.org/1999/xhtml', [undef, $inner_html_element]); |
('http://www.w3.org/1999/xhtml', [undef, $inner_html_element]); |
113 |
Whatpm::HTML->set_inner_html ($el, $s, $onerror); |
Whatpm::HTML->set_inner_html ($el, $t, $onerror); |
114 |
} else { |
} else { |
115 |
Whatpm::HTML->parse_string ($s => $doc, $onerror); |
Whatpm::HTML->parse_string ($t => $doc, $onerror); |
116 |
} |
} |
117 |
|
|
118 |
print STDOUT qq[ |
print STDOUT qq[ |
119 |
</dl> |
</dl> |
120 |
</div> |
</div> |
121 |
]; |
]; |
|
} elsif ($input_format eq 'application/xhtml+xml') { |
|
|
require Message::DOM::XMLParserTemp; |
|
|
require Encode; |
|
|
|
|
|
my $t = Encode::decode ('utf-8', $s); |
|
122 |
|
|
123 |
print STDOUT qq[ |
print_source_string_section (\($input->{s}), $input->{charset}); |
124 |
<dt>Character Encoding</dt> |
} elsif ({ |
125 |
<dd>(none)</dd> |
'text/xml' => 1, |
126 |
</dl> |
'application/xhtml+xml' => 1, |
127 |
</div> |
'application/xml' => 1, |
128 |
|
}->{$input->{media_type}}) { |
129 |
|
require Message::DOM::XMLParserTemp; |
130 |
|
|
|
<div id="source-string" class="section"> |
|
|
<h2>Document Source</h2> |
|
|
]; |
|
|
push @nav, ['#source-string' => 'Source']; |
|
|
print_source_string (\$t); |
|
131 |
print STDOUT qq[ |
print STDOUT qq[ |
|
</div> |
|
|
|
|
132 |
<div id="parse-errors" class="section"> |
<div id="parse-errors" class="section"> |
133 |
<h2>Parse Errors</h2> |
<h2>Parse Errors</h2> |
134 |
|
|
144 |
return 1; |
return 1; |
145 |
}; |
}; |
146 |
|
|
147 |
open my $fh, '<', \$s; |
open my $fh, '<', \($input->{s}); |
148 |
$doc = Message::DOM::XMLParserTemp->parse_byte_stream |
$doc = Message::DOM::XMLParserTemp->parse_byte_stream |
149 |
($fh => $dom, $onerror, charset => 'utf-8'); |
($fh => $dom, $onerror, charset => $input->{charset}); |
150 |
|
|
151 |
print STDOUT qq[</dl> |
print STDOUT qq[</dl> |
152 |
</div> |
</div> |
153 |
|
|
154 |
]; |
]; |
155 |
|
print_source_string_section (\($input->{s}), $doc->input_encoding); |
156 |
} else { |
} else { |
157 |
|
## TODO: Change HTTP status code?? |
158 |
print STDOUT qq[ |
print STDOUT qq[ |
|
</dl> |
|
|
</div> |
|
|
|
|
159 |
<div id="result-summary" class="section"> |
<div id="result-summary" class="section"> |
160 |
<p><em>Media type <code class="MIME" lang="en">@{[htescape $input_format]}</code> is not supported!</em></p> |
<p><em>Media type <code class="MIME" lang="en">@{[htescape $input->{media_type}]}</code> is not supported!</em></p> |
161 |
</div> |
</div> |
162 |
]; |
]; |
163 |
push @nav, ['#result-summary' => 'Result']; |
push @nav, ['#result-summary' => 'Result']; |
276 |
} |
} |
277 |
|
|
278 |
## TODO: Show result |
## TODO: Show result |
279 |
|
} else { |
280 |
|
print STDOUT qq[ |
281 |
|
</dl> |
282 |
|
</div> |
283 |
|
|
284 |
|
<div class="section" id="result-summary"> |
285 |
|
<p><em><strong>Input Error</strong>: @{[htescape ($input->{error_status_text})]}</em></p> |
286 |
|
</div> |
287 |
|
]; |
288 |
|
push @nav, ['#result-summary' => 'Result']; |
289 |
|
|
290 |
|
} |
291 |
|
|
292 |
print STDOUT qq[ |
print STDOUT qq[ |
293 |
<ul class="navigation" id="nav-items"> |
<ul class="navigation" id="nav-items"> |
303 |
|
|
304 |
exit; |
exit; |
305 |
|
|
306 |
sub print_source_string ($) { |
sub print_http_header_section ($) { |
307 |
my $s = $_[0]; |
my $input = shift; |
308 |
my $i = 1; |
return unless defined $input->{header_status_code} or |
309 |
print STDOUT qq[<ol lang="">\n]; |
defined $input->{header_status_text} or |
310 |
|
@{$input->{header_field}}; |
311 |
|
|
312 |
|
push @nav, ['#source-header' => 'HTTP Header']; |
313 |
|
print STDOUT qq[<div id="source-header" class="section"> |
314 |
|
<h2>HTTP Header</h2> |
315 |
|
|
316 |
|
<p><strong>Note</strong>: Due to the limitation of the |
317 |
|
network library in use, the content of this section might |
318 |
|
not be the real header.</p> |
319 |
|
|
320 |
|
<table><tbody> |
321 |
|
]; |
322 |
|
|
323 |
|
if (defined $input->{header_status_code}) { |
324 |
|
print STDOUT qq[<tr><th scope="row">Status code</th>]; |
325 |
|
print STDOUT qq[<td><code>@{[htescape ($input->{header_status_code})]}</code></td></tr>]; |
326 |
|
} |
327 |
|
if (defined $input->{header_status_text}) { |
328 |
|
print STDOUT qq[<tr><th scope="row">Status text</th>]; |
329 |
|
print STDOUT qq[<td><code>@{[htescape ($input->{header_status_text})]}</code></td></tr>]; |
330 |
|
} |
331 |
|
|
332 |
|
for (@{$input->{header_field}}) { |
333 |
|
print STDOUT qq[<tr><th scope="row"><code>@{[htescape ($_->[0])]}</code></th>]; |
334 |
|
print STDOUT qq[<td><code>@{[htescape ($_->[1])]}</code></td></tr>]; |
335 |
|
} |
336 |
|
|
337 |
|
print STDOUT qq[</tbody></table></div>]; |
338 |
|
} # print_http_header_section |
339 |
|
|
340 |
|
sub print_source_string_section ($$) { |
341 |
|
require Encode; |
342 |
|
my $enc = Encode::find_encoding ($_[1]); ## TODO: charset name -> Perl name |
343 |
|
return unless $enc; |
344 |
|
|
345 |
|
my $s = \($enc->decode (${$_[0]})); |
346 |
|
my $i = 1; |
347 |
|
push @nav, ['#source-string' => 'Source']; |
348 |
|
print STDOUT qq[<div id="source-string" class="section"> |
349 |
|
<h2>Document Source</h2> |
350 |
|
<ol lang="">\n]; |
351 |
if (length $$s) { |
if (length $$s) { |
352 |
while ($$s =~ /\G([^\x0A]*?)\x0D?\x0A/gc) { |
while ($$s =~ /\G([^\x0A]*?)\x0D?\x0A/gc) { |
353 |
print STDOUT qq[<li id="line-$i">], htescape $1, "</li>\n"; |
print STDOUT qq[<li id="line-$i">], htescape $1, "</li>\n"; |
359 |
} else { |
} else { |
360 |
print STDOUT q[<li id="line-1"></li>]; |
print STDOUT q[<li id="line-1"></li>]; |
361 |
} |
} |
362 |
print STDOUT "</ol>"; |
print STDOUT "</ol></div>"; |
363 |
} # print_input_string |
} # print_input_string_section |
364 |
|
|
365 |
sub print_document_tree ($) { |
sub print_document_tree ($) { |
366 |
my $node = shift; |
my $node = shift; |
408 |
$r .= qq[<ul class="attributes">]; |
$r .= qq[<ul class="attributes">]; |
409 |
$r .= qq[<li>@{[scalar get_text ('manakaiIsHTML:'.($child->manakai_is_html?1:0))]}</li>]; |
$r .= qq[<li>@{[scalar get_text ('manakaiIsHTML:'.($child->manakai_is_html?1:0))]}</li>]; |
410 |
$r .= qq[<li>@{[scalar get_text ('manakaiCompatMode:'.$child->manakai_compat_mode)]}</li>]; |
$r .= qq[<li>@{[scalar get_text ('manakaiCompatMode:'.$child->manakai_compat_mode)]}</li>]; |
411 |
|
unless ($child->manakai_is_html) { |
412 |
|
$r .= qq[<li>XML version = <code>@{[htescape ($child->xml_version)]}</code></li>]; |
413 |
|
if (defined $child->xml_encoding) { |
414 |
|
$r .= qq[<li>XML encoding = <code>@{[htescape ($child->xml_encoding)]}</code></li>]; |
415 |
|
} else { |
416 |
|
$r .= qq[<li>XML encoding = (null)</li>]; |
417 |
|
} |
418 |
|
$r .= qq[<li>XML standalone = @{[$child->xml_standalone ? 'true' : 'false']}</li>]; |
419 |
|
} |
420 |
$r .= qq[</ul>]; |
$r .= qq[</ul>]; |
421 |
if ($child->has_child_nodes) { |
if ($child->has_child_nodes) { |
422 |
$r .= '<ol class="children">'; |
$r .= '<ol class="children">'; |
454 |
$rs = '"' . $node->data . '"'; |
$rs = '"' . $node->data . '"'; |
455 |
$node = $node->parent_node; |
$node = $node->parent_node; |
456 |
} elsif ($node->node_type == 9) { |
} elsif ($node->node_type == 9) { |
457 |
|
@r = ('') unless @r; |
458 |
$rs = ''; |
$rs = ''; |
459 |
$node = $node->parent_node; |
$node = $node->parent_node; |
460 |
} else { |
} else { |
505 |
|
|
506 |
} |
} |
507 |
|
|
508 |
|
sub get_input_document ($$) { |
509 |
|
my ($http, $dom) = @_; |
510 |
|
|
511 |
|
my $request_uri = $http->parameter ('uri'); |
512 |
|
my $r = {}; |
513 |
|
if (defined $request_uri and length $request_uri) { |
514 |
|
my $uri = $dom->create_uri_reference ($request_uri); |
515 |
|
unless ({ |
516 |
|
http => 1, |
517 |
|
}->{lc $uri->uri_scheme}) { |
518 |
|
return {uri => $request_uri, request_uri => $request_uri, |
519 |
|
error_status_text => 'URI scheme not allowed'}; |
520 |
|
} |
521 |
|
|
522 |
|
require Message::Util::HostPermit; |
523 |
|
my $host_permit = new Message::Util::HostPermit; |
524 |
|
$host_permit->add_rule (<<EOH); |
525 |
|
Allow host=suika port=80 |
526 |
|
Deny host=suika |
527 |
|
Allow host=suika.fam.cx port=80 |
528 |
|
Deny host=suika.fam.cx |
529 |
|
Deny host=localhost |
530 |
|
Deny host=*.localdomain |
531 |
|
Deny ipv4=0.0.0.0/8 |
532 |
|
Deny ipv4=10.0.0.0/8 |
533 |
|
Deny ipv4=127.0.0.0/8 |
534 |
|
Deny ipv4=169.254.0.0/16 |
535 |
|
Deny ipv4=172.0.0.0/11 |
536 |
|
Deny ipv4=192.0.2.0/24 |
537 |
|
Deny ipv4=192.88.99.0/24 |
538 |
|
Deny ipv4=192.168.0.0/16 |
539 |
|
Deny ipv4=198.18.0.0/15 |
540 |
|
Deny ipv4=224.0.0.0/4 |
541 |
|
Deny ipv4=255.255.255.255/32 |
542 |
|
Deny ipv6=0::0/0 |
543 |
|
Allow host=* |
544 |
|
EOH |
545 |
|
unless ($host_permit->check ($uri->uri_host, $uri->uri_port || 80)) { |
546 |
|
return {uri => $request_uri, request_uri => $request_uri, |
547 |
|
error_status_text => 'Connection to the host is forbidden'}; |
548 |
|
} |
549 |
|
|
550 |
|
require LWP::UserAgent; |
551 |
|
my $ua = WDCC::LWPUA->new; |
552 |
|
$ua->{wdcc_dom} = $dom; |
553 |
|
$ua->{wdcc_host_permit} = $host_permit; |
554 |
|
$ua->agent ('Mozilla'); ## TODO: for now. |
555 |
|
$ua->parse_head (0); |
556 |
|
$ua->protocols_allowed ([qw/http/]); |
557 |
|
$ua->max_size (1000_000); |
558 |
|
my $req = HTTP::Request->new (GET => $request_uri); |
559 |
|
my $res = $ua->request ($req); |
560 |
|
if ($res->is_success or $http->parameter ('error-page')) { |
561 |
|
$r->{base_uri} = $res->base; ## NOTE: It does check |Content-Base|, |Content-Location|, and <base>. ## TODO: Use our own code! |
562 |
|
$r->{uri} = $res->request->uri; |
563 |
|
$r->{request_uri} = $request_uri; |
564 |
|
|
565 |
|
## TODO: More strict parsing... |
566 |
|
my $ct = $res->header ('Content-Type'); |
567 |
|
if (defined $ct and $ct =~ m#^([0-9A-Za-z._+-]+/[0-9A-Za-z._+-]+)#) { |
568 |
|
$r->{media_type} = lc $1; |
569 |
|
} |
570 |
|
if (defined $ct and $ct =~ /;\s*charset\s*=\s*"?(\S+)"?/i) { |
571 |
|
$r->{charset} = lc $1; |
572 |
|
$r->{charset} =~ tr/\\//d; |
573 |
|
} |
574 |
|
|
575 |
|
my $input_charset = $http->parameter ('charset'); |
576 |
|
if (defined $input_charset and length $input_charset) { |
577 |
|
$r->{charset_overridden} |
578 |
|
= (not defined $r->{charset} or $r->{charset} ne $input_charset); |
579 |
|
$r->{charset} = $input_charset; |
580 |
|
} |
581 |
|
|
582 |
|
$r->{s} = ''.$res->content; |
583 |
|
} else { |
584 |
|
$r->{uri} = $res->request->uri; |
585 |
|
$r->{request_uri} = $request_uri; |
586 |
|
$r->{error_status_text} = $res->status_line; |
587 |
|
} |
588 |
|
|
589 |
|
$r->{header_field} = []; |
590 |
|
$res->scan (sub { |
591 |
|
push @{$r->{header_field}}, [$_[0], $_[1]]; |
592 |
|
}); |
593 |
|
$r->{header_status_code} = $res->code; |
594 |
|
$r->{header_status_text} = $res->message; |
595 |
|
} else { |
596 |
|
$r->{s} = ''.$http->parameter ('s'); |
597 |
|
$r->{uri} = q<thismessage:/>; |
598 |
|
$r->{request_uri} = q<thismessage:/>; |
599 |
|
$r->{base_uri} = q<thismessage:/>; |
600 |
|
$r->{charset} = ''.$http->parameter ('_charset_'); |
601 |
|
$r->{charset} =~ s/\s+//g; |
602 |
|
$r->{charset} = 'utf-8' if $r->{charset} eq ''; |
603 |
|
$r->{header_field} = []; |
604 |
|
} |
605 |
|
|
606 |
|
my $input_format = $http->parameter ('i'); |
607 |
|
if (defined $input_format and length $input_format) { |
608 |
|
$r->{media_type_overridden} |
609 |
|
= (not defined $r->{media_type} or $input_format ne $r->{media_type}); |
610 |
|
$r->{media_type} = $input_format; |
611 |
|
} |
612 |
|
if (defined $r->{s} and not defined $r->{media_type}) { |
613 |
|
$r->{media_type} = 'text/html'; |
614 |
|
$r->{media_type_overridden} = 1; |
615 |
|
} |
616 |
|
|
617 |
|
if ($r->{media_type} eq 'text/xml') { |
618 |
|
unless (defined $r->{charset}) { |
619 |
|
$r->{charset} = 'us-ascii'; |
620 |
|
} elsif ($r->{charset_overridden} and $r->{charset} eq 'us-ascii') { |
621 |
|
$r->{charset_overridden} = 0; |
622 |
|
} |
623 |
|
} |
624 |
|
|
625 |
|
if (length $r->{s} > 1000_000) { |
626 |
|
$r->{error_status_text} = 'Entity-body too large'; |
627 |
|
delete $r->{s}; |
628 |
|
return $r; |
629 |
|
} |
630 |
|
|
631 |
|
return $r; |
632 |
|
} # get_input_document |
633 |
|
|
634 |
|
package WDCC::LWPUA; |
635 |
|
BEGIN { push our @ISA, 'LWP::UserAgent'; } |
636 |
|
|
637 |
|
sub redirect_ok { |
638 |
|
my $ua = shift; |
639 |
|
unless ($ua->SUPER::redirect_ok (@_)) { |
640 |
|
return 0; |
641 |
|
} |
642 |
|
|
643 |
|
my $uris = $_[1]->header ('Location'); |
644 |
|
return 0 unless $uris; |
645 |
|
my $uri = $ua->{wdcc_dom}->create_uri_reference ($uris); |
646 |
|
unless ({ |
647 |
|
http => 1, |
648 |
|
}->{lc $uri->uri_scheme}) { |
649 |
|
return 0; |
650 |
|
} |
651 |
|
unless ($ua->{wdcc_host_permit}->check ($uri->uri_host, $uri->uri_port || 80)) { |
652 |
|
return 0; |
653 |
|
} |
654 |
|
return 1; |
655 |
|
} # redirect_ok |
656 |
|
|
657 |
=head1 AUTHOR |
=head1 AUTHOR |
658 |
|
|
659 |
Wakaba <w@suika.fam.cx>. |
Wakaba <w@suika.fam.cx>. |