/[pub]/test/html-webhacc/cc.cgi

Diff of /test/html-webhacc/cc.cgi

Parent Directory | Revision Log | View Patch Patch

-revision 1.8 by wakaba,
Sun Jul  1 10:02:24 2007 UTC
+revision 1.11 by wakaba,
Mon Jul 16 10:55:11 2007 UTC
 Line 28 
 my $http = SuikaWiki::Input::HTTP->new;
      exit;
    }
-   my $input_format = $http->parameter ('i') || 'text/html';
+   require Message::DOM::DOMImplementation;
-   my $inner_html_element = $http->parameter ('e');
+   my $dom = Message::DOM::DOMImplementation->new;
-   my $input_uri = 'thismessage:/';
-   my $s = $http->parameter ('s');
+   my $input = get_input_document ($http, $dom);
-   if (length $s > 1000_000) {
+   my $inner_html_element = $http->parameter ('e');
-     print STDOUT "Status: 400 Document Too Long\nContent-Type: text/plain; charset=us-ascii\n\nToo long";
-     exit;
-   }
    load_text_catalog ('en'); ## TODO: conneg
-Line 54 
 my $http = SuikaWiki::Input::HTTP->new;
+Line 50 
 my $http = SuikaWiki::Input::HTTP->new;
  <div id="document-info" class="section">
  <dl>
+ <dt>Request URI</dt>
+     <dd><code class="URI" lang="">&lt;<a href="@{[htescape $input->{request_uri}]}">@{[htescape $input->{request_uri}]}</a>&gt;</code></dd>
  <dt>Document URI</dt>
-     <dd><code class="URI" lang="">&lt;<a href="@{[htescape $input_uri]}">@{[htescape $input_uri]}</a>&gt;</code></dd>
+     <dd><code class="URI" lang="">&lt;<a href="@{[htescape $input->{uri}]}">@{[htescape $input->{uri}]}</a>&gt;</code></dd>
- <dt>Internet Media Type</dt>
-     <dd><code class="MIME" lang="en">@{[htescape $input_format]}</code></dd>
  ]; # no </dl> yet
    push @nav, ['#document-info' => 'Information'];
-   require Message::DOM::DOMImplementation;
+ if (defined $input->{s}) {
-   my $dom = Message::DOM::DOMImplementation->____new;
+   print STDOUT qq[
+ <dt>Base URI</dt>
+     <dd><code class="URI" lang="">&lt;<a href="@{[htescape $input->{base_uri}]}">@{[htescape $input->{base_uri}]}</a>&gt;</code></dd>
+ <dt>Internet Media Type</dt>
+     <dd><code class="MIME" lang="en">@{[htescape $input->{media_type}]}</code>
+     @{[$input->{media_type_overridden} ? '<em>(overridden)</em>' : '']}</dd>
+ <dt>Character Encoding</dt>
+     <dd>@{[defined $input->{charset} ? '<code class="charset" lang="en">'.htescape ($input->{charset}).'</code>' : '(none)']}
+     @{[$input->{charset_overridden} ? '<em>(overridden)</em>' : '']}</dd>
+ </dl>
+ </div>
+ ];
+   print_http_header_section ($input);
    my $doc;
    my $el;
-   if ($input_format eq 'text/html') {
+   if ($input->{media_type} eq 'text/html') {
      require Encode;
      require Whatpm::HTML;
-     $s = Encode::decode ('utf-8', $s);
-     print STDOUT qq[
+     $input->{charset} ||= 'ISO-8859-1'; ## TODO: for now.
- <dt>Character Encoding</dt>
-     <dd>(none)</dd>
+     my $t = Encode::decode ($input->{charset}, $input->{s});
- </dl>
- </div>
- <div id="source-string" class="section">
- <h2>Document Source</h2>
- ];
-     push @nav, ['#source-string' => 'Source'];
-     print_source_string (\$s);
      print STDOUT qq[
- </div>
  <div id="parse-errors" class="section">
  <h2>Parse Errors</h2>
- <dl>
+ <dl>];
- ];
    push @nav, ['#parse-errors' => 'Parse Error'];
    my $onerror = sub {
      my (%opt) = @_;
-     my ($cls, $msg) = get_text ($opt{type}, $opt{level});
+     my ($type, $cls, $msg) = get_text ($opt{type}, $opt{level});
      if ($opt{column} > 0) {
        print STDOUT qq[<dt class="$cls"><a href="#line-$opt{line}">Line $opt{line}</a> column $opt{column}</dt>\n];
      } else {
        $opt{line} = $opt{line} - 1 || 1;
        print STDOUT qq[<dt class="$cls"><a href="#line-$opt{line}">Line $opt{line}</a></dt>\n];
      }
-     $opt{type} =~ tr/ /-/;
+     $type =~ tr/ /-/;
-     $opt{type} =~ s/\|/%7C/g;
+     $type =~ s/\|/%7C/g;
-     $msg .= qq[ [<a href="../error-description#$opt{type}">Description</a>]];
+     $msg .= qq[ [<a href="../error-description#@{[htescape ($type)]}">Description</a>]];
      print STDOUT qq[<dd class="$cls">$msg</dd>\n];
    };
-Line 112 
 my $http = SuikaWiki::Input::HTTP->new;
+Line 111 
 my $http = SuikaWiki::Input::HTTP->new;
    if (defined $inner_html_element and length $inner_html_element) {
      $el = $doc->create_element_ns
          ('http://www.w3.org/1999/xhtml', [undef, $inner_html_element]);
-     Whatpm::HTML->set_inner_html ($el, $s, $onerror);
+     Whatpm::HTML->set_inner_html ($el, $t, $onerror);
    } else {
-     Whatpm::HTML->parse_string ($s => $doc, $onerror);
+     Whatpm::HTML->parse_string ($t => $doc, $onerror);
    }
-   print STDOUT qq[
+   print STDOUT qq[</dl>
- </dl>
  </div>
  ];
-   } elsif ($input_format eq 'application/xhtml+xml') {
-     require Message::DOM::XMLParserTemp;
-     require Encode;
-     my $t = Encode::decode ('utf-8', $s);
-     print STDOUT qq[
+     print_source_string_section (\($input->{s}), $input->{charset});
- <dt>Character Encoding</dt>
+   } elsif ({
-     <dd>(none)</dd>
+             'text/xml' => 1,
- </dl>
+             'application/xhtml+xml' => 1,
- </div>
+             'application/xml' => 1,
+            }->{$input->{media_type}}) {
+     require Message::DOM::XMLParserTemp;
- <div id="source-string" class="section">
- <h2>Document Source</h2>
- ];
-     push @nav, ['#source-string' => 'Source'];
-     print_source_string (\$t);
      print STDOUT qq[
- </div>
  <div id="parse-errors" class="section">
  <h2>Parse Errors</h2>
-Line 156 
 my $http = SuikaWiki::Input::HTTP->new;
+Line 144 
 my $http = SuikaWiki::Input::HTTP->new;
      return 1;
    };
-   open my $fh, '<', \$s;
+   open my $fh, '<', \($input->{s});
    $doc = Message::DOM::XMLParserTemp->parse_byte_stream
-       ($fh => $dom, $onerror, charset => 'utf-8');
+       ($fh => $dom, $onerror, charset => $input->{charset});
      print STDOUT qq[</dl>
  </div>
  ];
+     print_source_string_section (\($input->{s}), $doc->input_encoding);
    } else {
+     ## TODO: Change HTTP status code??
      print STDOUT qq[
- </dl>
- </div>
  <div id="result-summary" class="section">
- <p><em>Media type <code class="MIME" lang="en">@{[htescape $input_format]}</code> is not supported!</em></p>
+ <p><em>Media type <code class="MIME" lang="en">@{[htescape $input->{media_type}]}</code> is not supported!</em></p>
  </div>
  ];
      push @nav, ['#result-summary' => 'Result'];
-Line 197 
 my $http = SuikaWiki::Input::HTTP->new;
+Line 185 
 my $http = SuikaWiki::Input::HTTP->new;
      require Whatpm::ContentChecker;
      my $onerror = sub {
        my %opt = @_;
-       my ($cls, $msg) = get_text ($opt{type}, $opt{level});
+       my ($type, $cls, $msg) = get_text ($opt{type}, $opt{level});
-       $opt{type} = $opt{level} . ':' . $opt{type} if defined $opt{level};
+       $type =~ tr/ /-/;
-       $opt{type} =~ tr/ /-/;
+       $type =~ s/\|/%7C/g;
-       $opt{type} =~ s/\|/%7C/g;
+       $msg .= qq[ [<a href="../error-description#@{[htescape ($type)]}">Description</a>]];
-       $msg .= qq[ [<a href="../error-description#$opt{type}">Description</a>]];
        print STDOUT qq[<dt class="$cls">] . get_node_link ($opt{node}) .
            qq[</dt>\n<dd class="$cls">], $msg, "</dd>\n";
      };
-Line 258 
 my $http = SuikaWiki::Input::HTTP->new;
+Line 245 
 my $http = SuikaWiki::Input::HTTP->new;
              for (@$_) {
                $_->{id} = refaddr $_->{element} if defined $_->{element};
                delete $_->{element};
+               $_->{is_header} = $_->{is_header} ? 1 : 0;
              }
            }
          }
-Line 288 
 my $http = SuikaWiki::Input::HTTP->new;
+Line 276 
 my $http = SuikaWiki::Input::HTTP->new;
    }
    ## TODO: Show result
+ } else {
+   print STDOUT qq[
+ </dl>
+ </div>
+ <div class="section" id="result-summary">
+ <p><em><strong>Input Error</strong>: @{[htescape ($input->{error_status_text})]}</em></p>
+ </div>
+ ];
+   push @nav, ['#result-summary' => 'Result'];
+ }
    print STDOUT qq[
  <ul class="navigation" id="nav-items">
 Line 303 
 my $http = SuikaWiki::Input::HTTP->new;
  exit;
- sub print_source_string ($) {
+ sub print_http_header_section ($) {
-   my $s = $_[0];
+   my $input = shift;
-   my $i = 1;
+   return unless defined $input->{header_status_code} or
-   print STDOUT qq[<ol lang="">\n];
+       defined $input->{header_status_text} or
+       @{$input->{header_field}};
+   push @nav, ['#source-header' => 'HTTP Header'];
+   print STDOUT qq[<div id="source-header" class="section">
+ <h2>HTTP Header</h2>
+ <p><strong>Note</strong>: Due to the limitation of the
+ network library in use, the content of this section might
+ not be the real header.</p>
+ <table><tbody>
+ ];
+   if (defined $input->{header_status_code}) {
+     print STDOUT qq[<tr><th scope="row">Status code</th>];
+     print STDOUT qq[<td><code>@{[htescape ($input->{header_status_code})]}</code></td></tr>];
+   }
+   if (defined $input->{header_status_text}) {
+     print STDOUT qq[<tr><th scope="row">Status text</th>];
+     print STDOUT qq[<td><code>@{[htescape ($input->{header_status_text})]}</code></td></tr>];
+   }
+   for (@{$input->{header_field}}) {
+     print STDOUT qq[<tr><th scope="row"><code>@{[htescape ($_->[0])]}</code></th>];
+     print STDOUT qq[<td><code>@{[htescape ($_->[1])]}</code></td></tr>];
+   }
+   print STDOUT qq[</tbody></table></div>];
+ } # print_http_header_section
+ sub print_source_string_section ($$) {
+   require Encode;
+   my $enc = Encode::find_encoding ($_[1]); ## TODO: charset name -> Perl name
+   return unless $enc;
+   my $s = \($enc->decode (${$_[0]}));
+   my $i = 1;
+   push @nav, ['#source-string' => 'Source'];
+   print STDOUT qq[<div id="source-string" class="section">
+ <h2>Document Source</h2>
+ <ol lang="">\n];
    if (length $$s) {
      while ($$s =~ /\G([^\x0A]*?)\x0D?\x0A/gc) {
        print STDOUT qq[<li id="line-$i">], htescape $1, "</li>\n";
-Line 318 
 sub print_source_string ($) {
+Line 359 
 sub print_source_string ($) {
    } else {
      print STDOUT q[<li id="line-1"></li>];
    }
-   print STDOUT "</ol>";
+   print STDOUT "</ol></div>";
- } # print_input_string
+ } # print_input_string_section
  sub print_document_tree ($) {
    my $node = shift;
-Line 367 
 sub print_document_tree ($) {
+Line 408 
 sub print_document_tree ($) {
        $r .= qq[<ul class="attributes">];
        $r .= qq[<li>@{[scalar get_text ('manakaiIsHTML:'.($child->manakai_is_html?1:0))]}</li>];
        $r .= qq[<li>@{[scalar get_text ('manakaiCompatMode:'.$child->manakai_compat_mode)]}</li>];
+       unless ($child->manakai_is_html) {
+         $r .= qq[<li>XML version = <code>@{[htescape ($child->xml_version)]}</code></li>];
+         if (defined $child->xml_encoding) {
+           $r .= qq[<li>XML encoding = <code>@{[htescape ($child->xml_encoding)]}</code></li>];
+         } else {
+           $r .= qq[<li>XML encoding = (null)</li>];
+         }
+         $r .= qq[<li>XML standalone = @{[$child->xml_standalone ? 'true' : 'false']}</li>];
+       }
        $r .= qq[</ul>];
        if ($child->has_child_nodes) {
          $r .= '<ol class="children">';
-Line 404 
 sub get_node_path ($) {
+Line 454 
 sub get_node_path ($) {
        $rs = '"' . $node->data . '"';
        $node = $node->parent_node;
      } elsif ($node->node_type == 9) {
+       @r = ('') unless @r;
        $rs = '';
        $node = $node->parent_node;
      } else {
-Line 442 
 sub get_text ($) {
+Line 493 
 sub get_text ($) {
    {
      if (defined $Msg->{$type}) {
        my $msg = $Msg->{$type}->[1];
-       $msg =~ s/\$([0-9]+)/defined $arg[$1] ? htescape ($arg[$1]) : '(undef)'/ge;
+       $msg =~ s{<var>\$([0-9]+)</var>}{
-       return ($Msg->{$type}->[0], $msg);
+         defined $arg[$1] ? htescape ($arg[$1]) : '(undef)';
+       }ge;
+       return ($type, $Msg->{$type}->[0], $msg);
      } elsif ($type =~ s/:([^:]*)$//) {
        unshift @arg, $1;
        redo;
      }
    }
-   return ('', htescape ($_[0]));
+   return ($type, '', htescape ($_[0]));
  } # get_text
  }
+ sub get_input_document ($$) {
+   my ($http, $dom) = @_;
+   my $request_uri = $http->parameter ('uri');
+   my $r = {};
+   if (defined $request_uri and length $request_uri) {
+     my $uri = $dom->create_uri_reference ($request_uri);
+     unless ({
+              http => 1,
+             }->{lc $uri->uri_scheme}) {
+       return {uri => $request_uri, request_uri => $request_uri,
+               error_status_text => 'URI scheme not allowed'};
+     }
+     require Message::Util::HostPermit;
+     my $host_permit = new Message::Util::HostPermit;
+     $host_permit->add_rule (<<EOH);
+ Allow host=suika port=80
+ Deny host=suika
+ Allow host=suika.fam.cx port=80
+ Deny host=suika.fam.cx
+ Deny host=localhost
+ Deny host=*.localdomain
+ Deny ipv4=0.0.0.0/8
+ Deny ipv4=10.0.0.0/8
+ Deny ipv4=127.0.0.0/8
+ Deny ipv4=169.254.0.0/16
+ Deny ipv4=172.0.0.0/11
+ Deny ipv4=192.0.2.0/24
+ Deny ipv4=192.88.99.0/24
+ Deny ipv4=192.168.0.0/16
+ Deny ipv4=198.18.0.0/15
+ Deny ipv4=224.0.0.0/4
+ Deny ipv4=255.255.255.255/32
+ Deny ipv6=0::0/0
+ Allow host=*
+ EOH
+     unless ($host_permit->check ($uri->uri_host, $uri->uri_port || 80)) {
+       return {uri => $request_uri, request_uri => $request_uri,
+               error_status_text => 'Connection to the host is forbidden'};
+     }
+     require LWP::UserAgent;
+     my $ua = WDCC::LWPUA->new;
+     $ua->{wdcc_dom} = $dom;
+     $ua->{wdcc_host_permit} = $host_permit;
+     $ua->agent ('Mozilla'); ## TODO: for now.
+     $ua->parse_head (0);
+     $ua->protocols_allowed ([qw/http/]);
+     $ua->max_size (1000_000);
+     my $req = HTTP::Request->new (GET => $request_uri);
+     my $res = $ua->request ($req);
+     if ($res->is_success or $http->parameter ('error-page')) {
+       $r->{base_uri} = $res->base; ## NOTE: It does check |Content-Base|, |Content-Location|, and <base>. ## TODO: Use our own code!
+       $r->{uri} = $res->request->uri;
+       $r->{request_uri} = $request_uri;
+       ## TODO: More strict parsing...
+       my $ct = $res->header ('Content-Type');
+       if (defined $ct and $ct =~ m#^([0-9A-Za-z._+-]+/[0-9A-Za-z._+-]+)#) {
+         $r->{media_type} = lc $1;
+       }
+       if (defined $ct and $ct =~ /;\s*charset\s*=\s*"?(\S+)"?/i) {
+         $r->{charset} = lc $1;
+         $r->{charset} =~ tr/\\//d;
+       }
+       my $input_charset = $http->parameter ('charset');
+       if (defined $input_charset and length $input_charset) {
+         $r->{charset_overridden}
+             = (not defined $r->{charset} or $r->{charset} ne $input_charset);
+         $r->{charset} = $input_charset;
+       }
+       $r->{s} = ''.$res->content;
+     } else {
+       $r->{uri} = $res->request->uri;
+       $r->{request_uri} = $request_uri;
+       $r->{error_status_text} = $res->status_line;
+     }
+     $r->{header_field} = [];
+     $res->scan (sub {
+       push @{$r->{header_field}}, [$_[0], $_[1]];
+     });
+     $r->{header_status_code} = $res->code;
+     $r->{header_status_text} = $res->message;
+   } else {
+     $r->{s} = ''.$http->parameter ('s');
+     $r->{uri} = q<thismessage:/>;
+     $r->{request_uri} = q<thismessage:/>;
+     $r->{base_uri} = q<thismessage:/>;
+     $r->{charset} = ''.$http->parameter ('_charset_');
+     $r->{charset} =~ s/\s+//g;
+     $r->{charset} = 'utf-8' if $r->{charset} eq '';
+     $r->{header_field} = [];
+   }
+   my $input_format = $http->parameter ('i');
+   if (defined $input_format and length $input_format) {
+     $r->{media_type_overridden}
+         = (not defined $r->{media_type} or $input_format ne $r->{media_type});
+     $r->{media_type} = $input_format;
+   }
+   if (defined $r->{s} and not defined $r->{media_type}) {
+     $r->{media_type} = 'text/html';
+     $r->{media_type_overridden} = 1;
+   }
+   if ($r->{media_type} eq 'text/xml') {
+     unless (defined $r->{charset}) {
+       $r->{charset} = 'us-ascii';
+     } elsif ($r->{charset_overridden} and $r->{charset} eq 'us-ascii') {
+       $r->{charset_overridden} = 0;
+     }
+   }
+   if (length $r->{s} > 1000_000) {
+     $r->{error_status_text} = 'Entity-body too large';
+     delete $r->{s};
+     return $r;
+   }
+   return $r;
+ } # get_input_document
+ package WDCC::LWPUA;
+ BEGIN { push our @ISA, 'LWP::UserAgent'; }
+ sub redirect_ok {
+   my $ua = shift;
+   unless ($ua->SUPER::redirect_ok (@_)) {
+     return 0;
+   }
+   my $uris = $_[1]->header ('Location');
+   return 0 unless $uris;
+   my $uri = $ua->{wdcc_dom}->create_uri_reference ($uris);
+   unless ({
+            http => 1,
+           }->{lc $uri->uri_scheme}) {
+     return 0;
+   }
+   unless ($ua->{wdcc_host_permit}->check ($uri->uri_host, $uri->uri_port || 80)) {
+     return 0;
+   }
+   return 1;
+ } # redirect_ok
  =head1 AUTHOR
  Wakaba <w@suika.fam.cx>.

 Legend:



Removed from v.1.8
 


changed lines


 
Added in v.1.11
 Legend:



Removed from v.1.8
 


changed lines


 
Added in v.1.11
-Removed from v.1.8
+Added in v.1.11

admin@suikawiki.org	ViewVC Help
Powered by ViewVC 1.1.24