different sequence of outputs to previous versions. If you relied on
mt_srand() to produce a deterministic sequence, it can be called using
mt_srand($seed, MT_RAND_PHP) to produce old the sequences.
+ . URL rewriter has been improved.
+ . Use dedicated buffer for Session module rewrite and User rewrite.
+ . Full path URL rewrite is supported. Allowed domain can be specified.
+ $_SERVER['HTTP_HOST'] is allowed by default when host whitelist is empty.
+ . Use session.trans_sid_tags and session.trans_sid_hosts to control
+ session rewrite.
+ . Use url_rewriter.tags and url_rewriter.hosts to control user rewrite.
+ . <form>'s "action" attribute is used to check if URL rewrite is allowed
+ and listed under hosts whitelist.
+ . <fieldset> is no longer considered as a special tag. <form> is the
+ only tag considered special.
- JSON:
. The serialize_precision is used instead of precision when encoding double
- mb_ereg() and mb_ereg_replace() reject illegal byte sequences.
- FILTER_FLAG_EMAIL_UNICODE can be used with filter_var() for email validation
according to RFC 6531.
+- output_reset_rewrite_vars() no longer reset session URL rewrite vars.
+
========================================
6. New Functions
{
int module_number = PS(module_number);
zval *sid, *data, *ppid;
+ zend_bool apply_trans_sid;
if (!PS(id)) {
php_error_docref(NULL, E_WARNING, "Cannot set session ID - session ID is not initialized");
}
/* Apply trans sid if sid cookie is not set */
- if (APPLY_TRANS_SID
- && (data = zend_hash_str_find(&EG(symbol_table), "_COOKIE", sizeof("_COOKIE") - 1))) {
- ZVAL_DEREF(data);
- if (Z_TYPE_P(data) == IS_ARRAY && (ppid = zend_hash_str_find(Z_ARRVAL_P(data), PS(session_name), strlen(PS(session_name))))) {
- ZVAL_DEREF(ppid);
- } else {
- /* FIXME: Resetting vars are required when
- session is stop/start/regenerated. However,
- php_url_scanner_reset_vars() resets all vars
- including other URL rewrites set by elsewhere. */
- /* php_url_scanner_reset_vars(); */
- php_url_scanner_add_var(PS(session_name), strlen(PS(session_name)), ZSTR_VAL(PS(id)), ZSTR_LEN(PS(id)), 1);
+ apply_trans_sid = 0;
+ if (APPLY_TRANS_SID) {
+ apply_trans_sid = 1;
+ if (PS(use_cookies) &&
+ (data = zend_hash_str_find(&EG(symbol_table), "_COOKIE", sizeof("_COOKIE") - 1))) {
+ ZVAL_DEREF(data);
+ if (Z_TYPE_P(data) == IS_ARRAY &&
+ (ppid = zend_hash_str_find(Z_ARRVAL_P(data), PS(session_name), strlen(PS(session_name))))) {
+ ZVAL_DEREF(ppid);
+ apply_trans_sid = 0;
+ }
}
}
+ if (apply_trans_sid) {
+ zend_string *sname;
+ sname = zend_string_init(PS(session_name), strlen(PS(session_name)), 0);
+ php_url_scanner_reset_session_var(sname, 1); /* This may fail when session name has changed */
+ zend_string_release(sname);
+ php_url_scanner_add_session_var(PS(session_name), strlen(PS(session_name)), ZSTR_VAL(PS(id)), ZSTR_LEN(PS(id)), 1);
+ }
}
/* }}} */
<?php
error_reporting(E_ALL);
+ini_set('session.trans_sid_hosts', 'php.net');
+$_SERVER['HTTP_HOST'] = 'php.net';
session_id("abtest");
session_start();
?>
-<form>
+<form action="//bad.net/do.php">
+<fieldset>
+<form action="//php.net/do.php">
<fieldset>
<?php
ini_set("url_rewriter.tags", "a=href,area=href,frame=src,input=src,form=");
?>
-<form>
+<form action="../do.php">
<fieldset>
<?php
ini_set("url_rewriter.tags", "a=href,area=href,frame=src,input=src,form=fakeentry");
?>
-<form>
+<form action="/do.php">
<fieldset>
<?php
ini_set("url_rewriter.tags", "a=href,fieldset=,area=href,frame=src,input=src");
?>
-<form>
+<form action="/foo/do.php">
<fieldset>
<?php
session_destroy();
?>
--EXPECT--
-<form><input type="hidden" name="PHPSESSID" value="abtest" />
-<fieldset><input type="hidden" name="PHPSESSID" value="abtest" />
-<form><input type="hidden" name="PHPSESSID" value="abtest" />
+<form action="//bad.net/do.php">
+<fieldset>
+<form action="//php.net/do.php"><input type="hidden" name="PHPSESSID" value="abtest" />
+<fieldset>
+<form action="../do.php"><input type="hidden" name="PHPSESSID" value="abtest" />
+<fieldset>
+<form action="/do.php"><input type="hidden" name="PHPSESSID" value="abtest" />
<fieldset>
-<form><input type="hidden" name="PHPSESSID" value="abtest" />
+<form action="/foo/do.php"><input type="hidden" name="PHPSESSID" value="abtest" />
<fieldset>
-<form>
-<fieldset><input type="hidden" name="PHPSESSID" value="abtest" />
html_errors=0
session.use_trans_sid=0
session.save_handler=files
+session.trans_sid_tags="a=href,area=href,frame=src,form="
+url_rewriter.tags="a=href,area=href,frame=src,form="
--FILE--
<?php
session_start();
<a href="foo"/>
<a href="foo" />
<a href=foo/>
+<a href="/">
<a href=/>
<a href=?foo=bar/>
<a href="?foo=bar"/>
+<a href=./>
+<a href="./">
--EXPECTF--
<a href="?PHPSESSID=%s"/>
<a href="?PHPSESSID=%s" />
<a href="foo?PHPSESSID=%s"/>
<a href="foo?PHPSESSID=%s" />
<a href=foo/?PHPSESSID=%s>
+<a href="/?PHPSESSID=%s">
<a href=/?PHPSESSID=%s>
<a href=?foo=bar/&PHPSESSID=%s>
<a href="?foo=bar&PHPSESSID=%s"/>
+<a href=./?PHPSESSID=%s>
+<a href="./?PHPSESSID=%s">
session.gc_maxlifetime=300
session.save_path=
session.name=PHPSESSID
---XFAIL--
-Waiting url_scanner_ex.re fix. https://bugs.php.net/bug.php?id=68970
+url_rewriter.hosts=
--SKIPIF--
<?php include('skipif.inc'); ?>
--FILE--
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="http://php.net/script.php" method="post">
+<form method="post" action="http://php.net/script.php">
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="https://php.net/script.php" method="post">
+<form method="post" action="https://php.net/script.php">
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="//php.net/script.php" method="post">
+<form method="post" action="//php.net/script.php">
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
*** Testing basic session functionality : variation3 use_trans_sid ***
*** Test trans sid ***
-<a href="/?PHPSESSID=testid">test</a>
-<a href="/?PHPSESSID=testid#bar">test</a>
-<a href="/?foo&PHPSESSID=testid">test</a>
-<a href="/?foo&PHPSESSID=testid#bar">test</a>
-<a href="/?foo=var&PHPSESSID=testid">test</a>
-<a href="/?foo=var&PHPSESSID=testid#bar">test</a>
-<a href="file.php?PHPSESSID=testid">test</a>
-<a href="file.php?foo&PHPSESSID=testid">test</a>
-<a href="file.php?foo=var&PHPSESSID=testid">test</a>
<a href="/?PHPSESSID=testid">test</a>
<a href="/path?PHPSESSID=testid">test</a>
<a href="/path/?PHPSESSID=testid">test</a>
<a href="../path/?PHPSESSID=testid#bar">test</a>
<a href="../path/?foo=var&PHPSESSID=testid#bar">test</a>
-<a href="/?foo">test</a>
-<a href="/?foo#bar">test</a>
-<a href="/?foo=var">test</a>
-<a href="/?foo=var#bar">test</a>
-<a href="../?foo">test</a>
-<a href="../?foo#bar">test</a>
-<a href="../?foo=var">test</a>
-<a href="../?foo=var#bar">test</a>
+<a href="/?foo&PHPSESSID=testid">test</a>
+<a href="/?foo&PHPSESSID=testid#bar">test</a>
+<a href="/?foo=var&PHPSESSID=testid">test</a>
+<a href="/?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="../?foo&PHPSESSID=testid">test</a>
+<a href="../?foo&PHPSESSID=testid#bar">test</a>
+<a href="../?foo=var&PHPSESSID=testid">test</a>
+<a href="../?foo=var&PHPSESSID=testid#bar">test</a>
+
+<a href="file.php?PHPSESSID=testid">test</a>
+<a href="file.php?foo&PHPSESSID=testid">test</a>
+<a href="file.php?foo=var&PHPSESSID=testid">test</a>
+<a href="file.php?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="../file.php?PHPSESSID=testid">test</a>
+<a href="../file.php?foo&PHPSESSID=testid">test</a>
+<a href="../file.php?foo=var&PHPSESSID=testid">test</a>
+<a href="../file.php?foo=var&PHPSESSID=testid#bar">test</a>
<a href="http://php.net">test</a>
<a href="http://php.net/">test</a>
<a href="//php.net/some/path/file.php?foo=var">test</a>
<a href="//php.net/some/path/file.php?foo=var#bar">test</a>
-<form action="script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" /><input type="hidden" name="PHPSESSID" value="testid" />
+<form action="script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" />
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="../script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" /><input type="hidden" name="PHPSESSID" value="testid" />
+<form action="../script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" />
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="/path/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" /><input type="hidden" name="PHPSESSID" value="testid" />
+<form action="/path/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" />
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="../path/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" /><input type="hidden" name="PHPSESSID" value="testid" />
+<form action="../path/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" />
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="http://php.net/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" /><input type="hidden" name="PHPSESSID" value="testid" />
+<form method="post" action="http://php.net/script.php">
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="https://php.net/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" /><input type="hidden" name="PHPSESSID" value="testid" />
+<form method="post" action="https://php.net/script.php">
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
-<form action="//php.net/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" /><input type="hidden" name="PHPSESSID" value="testid" />
+<form method="post" action="//php.net/script.php">
<input type="text" name="test1"></input>
<input type="text" name="test2" />
</form>
*** Cleanup ***
bool(true)
string(6) "testid"
-bool(true)
\ No newline at end of file
+bool(true)
--- /dev/null
+--TEST--
+Test basic function : variation4 use_trans_sid
+--INI--
+session.use_strict_mode=0
+session.use_only_cookies=0
+session.use_trans_sid=1
+session.save_handler=files
+session.hash_bits_per_character=4
+session.hash_function=0
+session.gc_probability=1
+session.gc_divisor=1000
+session.gc_maxlifetime=300
+session.save_path=
+session.name=PHPSESSID
+session.trans_sid_tags="a=href,area=href,frame=src,form="
+url_rewriter.tags="a=href,area=href,frame=src,form="
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--FILE--
+<?php
+
+ob_start();
+
+/*
+ * Prototype : session.use_trans_sid=1
+ * Description : Test basic functionality.
+ * Source code : ext/session/session.c
+ */
+
+echo "*** Testing basic session functionality : variation4 use_trans_sid ***\n";
+
+echo "*** Test trans sid ***\n";
+output_add_rewrite_var('testvar1','testvalue1');
+
+session_id('test1');
+session_start();
+
+echo '
+<a href="/">
+<form action="" method="post">
+</form>
+';
+
+session_commit();
+
+output_add_rewrite_var('testvar2','testvalue2');
+
+session_id('test2');
+session_start();
+echo '
+<a href="/">
+<form action="" method="post">
+</form>
+';
+
+
+--EXPECT--
+*** Testing basic session functionality : variation4 use_trans_sid ***
+*** Test trans sid ***
+
+<a href="/?PHPSESSID=test2&testvar1=testvalue1&testvar2=testvalue2">
+<form action="" method="post"><input type="hidden" name="testvar1" value="testvalue1" /><input type="hidden" name="testvar2" value="testvalue2" /><input type="hidden" name="PHPSESSID" value="test2" />
+</form>
+
+<a href="/?PHPSESSID=test2&testvar1=testvalue1&testvar2=testvalue2">
+<form action="" method="post"><input type="hidden" name="testvar1" value="testvalue1" /><input type="hidden" name="testvar2" value="testvalue2" /><input type="hidden" name="PHPSESSID" value="test2" />
+</form>
--- /dev/null
+--TEST--
+Test basic function : variation5 use_trans_sid
+--INI--
+session.use_strict_mode=0
+session.use_only_cookies=0
+session.use_trans_sid=1
+session.save_handler=files
+session.hash_bits_per_character=4
+session.hash_function=0
+session.gc_probability=1
+session.gc_divisor=1000
+session.gc_maxlifetime=300
+session.save_path=
+session.name=PHPSESSID
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--FILE--
+<?php
+ob_start();
+
+$_SERVER['HTTP_HOST'] = 'php.net';
+ini_set('session.trans_sid_hosts','php.net,example.com');
+
+/*
+ * Prototype : session.use_trans_sid=1
+ * Description : Test basic functionality.
+ * Source code : ext/session/session.c
+ */
+
+echo "*** Testing basic session functionality : variation5 use_trans_sid ***\n";
+echo "*** Test trans sid ***\n";
+
+$session_id = 'testid';
+session_id($session_id);
+session_start();
+// Should add session ID to allowed hosts only for SECURITY
+echo '
+<a href="/">test</a>
+<a href="/path">test</a>
+<a href="/path/">test</a>
+<a href="/path/?foo=var">test</a>
+<a href="../">test</a>
+<a href="../path">test</a>
+<a href="../path/">test</a>
+<a href="../path/?foo=var">test</a>
+
+<a href="/#bar">test</a>
+<a href="/path/#bar">test</a>
+<a href="/path/?foo=var#bar">test</a>
+<a href="../#bar">test</a>
+<a href="../path/#bar">test</a>
+<a href="../path/?foo=var#bar">test</a>
+
+<a href="/?foo">test</a>
+<a href="/?foo#bar">test</a>
+<a href="/?foo=var">test</a>
+<a href="/?foo=var#bar">test</a>
+<a href="../?foo">test</a>
+<a href="../?foo#bar">test</a>
+<a href="../?foo=var">test</a>
+<a href="../?foo=var#bar">test</a>
+
+<a href="file.php">test</a>
+<a href="file.php?foo">test</a>
+<a href="file.php?foo=var">test</a>
+<a href="file.php?foo=var#bar">test</a>
+<a href="../file.php">test</a>
+<a href="../file.php?foo">test</a>
+<a href="../file.php?foo=var">test</a>
+<a href="../file.php?foo=var#bar">test</a>
+
+<a href="http://php.net">test</a>
+<a href="http://php.net/">test</a>
+<a href="http://php.net/#bar">test</a>
+<a href="http://php.net/?foo">test</a>
+<a href="http://php.net/?foo#bar">test</a>
+<a href="http://php.net/?foo=var">test</a>
+<a href="http://php.net/?foo=var#bar">test</a>
+<a href="http://php.net/file.php">test</a>
+<a href="http://php.net/file.php#bar">test</a>
+<a href="http://php.net/file.php?foo">test</a>
+<a href="http://php.net/file.php?foo#bar">test</a>
+<a href="http://php.net/file.php?foo=var">test</a>
+<a href="http://php.net/file.php?foo=var#bar">test</a>
+<a href="http://php.net/some/path/file.php">test</a>
+<a href="http://php.net/some/path/file.php?foo">test</a>
+<a href="http://php.net/some/path/file.php?foo=var">test</a>
+<a href="http://php.net/some/path/file.php?foo=var#bar">test</a>
+
+<a href="https://php.net">test</a>
+<a href="https://php.net/">test</a>
+<a href="https://php.net/?foo=var#bar">test</a>
+<a href="https://php.net/file.php">test</a>
+<a href="https://php.net/file.php?foo=var#bar">test</a>
+<a href="https://php.net/some/path/file.php">test</a>
+<a href="https://php.net/some/path/file.php?foo=var#bar">test</a>
+<a href="https://php.net:8443">test</a>
+<a href="https://php.net:8443/">test</a>
+<a href="https://php.net:8443/?foo=var#bar">test</a>
+<a href="https://php.net:8443/file.php">test</a>
+<a href="https://php.net:8443/file.php?foo=var#bar">test</a>
+<a href="https://php.net:8443/some/path/file.php">test</a>
+<a href="https://php.net:8443/some/path/file.php?foo=var#bar">test</a>
+
+<a href="//php.net">test</a>
+<a href="//php.net/">test</a>
+<a href="//php.net/#bar">test</a>
+<a href="//php.net/?foo">test</a>
+<a href="//php.net/?foo#bar">test</a>
+<a href="//php.net/?foo=var">test</a>
+<a href="//php.net/?foo=var#bar">test</a>
+<a href="//php.net/file.php">test</a>
+<a href="//php.net/file.php#bar">test</a>
+<a href="//php.net/file.php?foo">test</a>
+<a href="//php.net/file.php?foo#bar">test</a>
+<a href="//php.net/file.php?foo=var">test</a>
+<a href="//php.net/file.php?foo=var#bar">test</a>
+<a href="//php.net/some/path/file.php">test</a>
+<a href="//php.net/some/path/file.php?foo">test</a>
+<a href="//php.net/some/path/file.php?foo=var">test</a>
+<a href="//php.net/some/path/file.php?foo=var#bar">test</a>
+
+<form action="script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="../script.php" method="post">r
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="/path/script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="../path/script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="http://php.net/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="https://php.net/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="//php.net/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+
+
+<a href="http://bad.com">test</a>
+<a href="http://bad.com/">test</a>
+<a href="http://bad.com/#bar">test</a>
+<a href="http://bad.com/?foo">test</a>
+<a href="http://bad.com/?foo#bar">test</a>
+<a href="http://bad.com/?foo=var">test</a>
+<a href="http://bad.com/?foo=var#bar">test</a>
+<a href="http://bad.com/file.php">test</a>
+<a href="http://bad.com/file.php#bar">test</a>
+<a href="http://bad.com/file.php?foo">test</a>
+<a href="http://bad.com/file.php?foo#bar">test</a>
+<a href="http://bad.com/file.php?foo=var">test</a>
+<a href="http://bad.com/file.php?foo=var#bar">test</a>
+<a href="http://bad.com/some/path/file.php">test</a>
+<a href="http://bad.com/some/path/file.php?foo">test</a>
+<a href="http://bad.com/some/path/file.php?foo=var">test</a>
+<a href="http://bad.com/some/path/file.php?foo=var#bar">test</a>
+
+<a href="https://bad.com">test</a>
+<a href="https://bad.com/">test</a>
+<a href="https://bad.com/?foo=var#bar">test</a>
+<a href="https://bad.com/file.php">test</a>
+<a href="https://bad.com/file.php?foo=var#bar">test</a>
+<a href="https://bad.com/some/path/file.php">test</a>
+<a href="https://bad.com/some/path/file.php?foo=var#bar">test</a>
+<a href="https://bad.com:8443">test</a>
+<a href="https://bad.com:8443/">test</a>
+<a href="https://bad.com:8443/?foo=var#bar">test</a>
+<a href="https://bad.com:8443/file.php">test</a>
+<a href="https://bad.com:8443/file.php?foo=var#bar">test</a>
+<a href="https://bad.com:8443/some/path/file.php">test</a>
+<a href="https://bad.com:8443/some/path/file.php?foo=var#bar">test</a>
+
+<a href="//bad.com">test</a>
+<a href="//bad.com/">test</a>
+<a href="//bad.com/#bar">test</a>
+<a href="//bad.com/?foo">test</a>
+<a href="//bad.com/?foo#bar">test</a>
+<a href="//bad.com/?foo=var">test</a>
+<a href="//bad.com/?foo=var#bar">test</a>
+<a href="//bad.com/file.php">test</a>
+<a href="//bad.com/file.php#bar">test</a>
+<a href="//bad.com/file.php?foo">test</a>
+<a href="//bad.com/file.php?foo#bar">test</a>
+<a href="//bad.com/file.php?foo=var">test</a>
+<a href="//bad.com/file.php?foo=var#bar">test</a>
+<a href="//bad.com/some/path/file.php">test</a>
+<a href="//bad.com/some/path/file.php?foo">test</a>
+<a href="//bad.com/some/path/file.php?foo=var">test</a>
+<a href="//bad.com/some/path/file.php?foo=var#bar">test</a>
+
+<form action="//bad.com/script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="https://bad.com/foo/../script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="https://bad.com//path/script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="https://bad.com/foo/bar../path/script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="http://bad.com/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="https://bad.com/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="//bad.com/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+
+';
+var_dump(session_commit());
+
+echo "*** Cleanup ***\n";
+var_dump(session_start());
+var_dump(session_id());
+var_dump(session_destroy());
+
+ob_end_flush();
+?>
+--EXPECT--
+*** Testing basic session functionality : variation5 use_trans_sid ***
+*** Test trans sid ***
+
+<a href="/?PHPSESSID=testid">test</a>
+<a href="/path?PHPSESSID=testid">test</a>
+<a href="/path/?PHPSESSID=testid">test</a>
+<a href="/path/?foo=var&PHPSESSID=testid">test</a>
+<a href="../?PHPSESSID=testid">test</a>
+<a href="../path?PHPSESSID=testid">test</a>
+<a href="../path/?PHPSESSID=testid">test</a>
+<a href="../path/?foo=var&PHPSESSID=testid">test</a>
+
+<a href="/?PHPSESSID=testid#bar">test</a>
+<a href="/path/?PHPSESSID=testid#bar">test</a>
+<a href="/path/?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="../?PHPSESSID=testid#bar">test</a>
+<a href="../path/?PHPSESSID=testid#bar">test</a>
+<a href="../path/?foo=var&PHPSESSID=testid#bar">test</a>
+
+<a href="/?foo&PHPSESSID=testid">test</a>
+<a href="/?foo&PHPSESSID=testid#bar">test</a>
+<a href="/?foo=var&PHPSESSID=testid">test</a>
+<a href="/?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="../?foo&PHPSESSID=testid">test</a>
+<a href="../?foo&PHPSESSID=testid#bar">test</a>
+<a href="../?foo=var&PHPSESSID=testid">test</a>
+<a href="../?foo=var&PHPSESSID=testid#bar">test</a>
+
+<a href="file.php?PHPSESSID=testid">test</a>
+<a href="file.php?foo&PHPSESSID=testid">test</a>
+<a href="file.php?foo=var&PHPSESSID=testid">test</a>
+<a href="file.php?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="../file.php?PHPSESSID=testid">test</a>
+<a href="../file.php?foo&PHPSESSID=testid">test</a>
+<a href="../file.php?foo=var&PHPSESSID=testid">test</a>
+<a href="../file.php?foo=var&PHPSESSID=testid#bar">test</a>
+
+<a href="http://php.net/?PHPSESSID=testid">test</a>
+<a href="http://php.net/?PHPSESSID=testid">test</a>
+<a href="http://php.net/?PHPSESSID=testid#bar">test</a>
+<a href="http://php.net/?foo&PHPSESSID=testid">test</a>
+<a href="http://php.net/?foo&PHPSESSID=testid#bar">test</a>
+<a href="http://php.net/?foo=var&PHPSESSID=testid">test</a>
+<a href="http://php.net/?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="http://php.net/file.php?PHPSESSID=testid">test</a>
+<a href="http://php.net/file.php?PHPSESSID=testid#bar">test</a>
+<a href="http://php.net/file.php?foo&PHPSESSID=testid">test</a>
+<a href="http://php.net/file.php?foo&PHPSESSID=testid#bar">test</a>
+<a href="http://php.net/file.php?foo=var&PHPSESSID=testid">test</a>
+<a href="http://php.net/file.php?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="http://php.net/some/path/file.php?PHPSESSID=testid">test</a>
+<a href="http://php.net/some/path/file.php?foo&PHPSESSID=testid">test</a>
+<a href="http://php.net/some/path/file.php?foo=var&PHPSESSID=testid">test</a>
+<a href="http://php.net/some/path/file.php?foo=var&PHPSESSID=testid#bar">test</a>
+
+<a href="https://php.net/?PHPSESSID=testid">test</a>
+<a href="https://php.net/?PHPSESSID=testid">test</a>
+<a href="https://php.net/?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="https://php.net/file.php?PHPSESSID=testid">test</a>
+<a href="https://php.net/file.php?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="https://php.net/some/path/file.php?PHPSESSID=testid">test</a>
+<a href="https://php.net/some/path/file.php?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="https://php.net:8443/?PHPSESSID=testid">test</a>
+<a href="https://php.net:8443/?PHPSESSID=testid">test</a>
+<a href="https://php.net:8443/?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="https://php.net:8443/file.php?PHPSESSID=testid">test</a>
+<a href="https://php.net:8443/file.php?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="https://php.net:8443/some/path/file.php?PHPSESSID=testid">test</a>
+<a href="https://php.net:8443/some/path/file.php?foo=var&PHPSESSID=testid#bar">test</a>
+
+<a href="//php.net/?PHPSESSID=testid">test</a>
+<a href="//php.net/?PHPSESSID=testid">test</a>
+<a href="//php.net/?PHPSESSID=testid#bar">test</a>
+<a href="//php.net/?foo&PHPSESSID=testid">test</a>
+<a href="//php.net/?foo&PHPSESSID=testid#bar">test</a>
+<a href="//php.net/?foo=var&PHPSESSID=testid">test</a>
+<a href="//php.net/?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="//php.net/file.php?PHPSESSID=testid">test</a>
+<a href="//php.net/file.php?PHPSESSID=testid#bar">test</a>
+<a href="//php.net/file.php?foo&PHPSESSID=testid">test</a>
+<a href="//php.net/file.php?foo&PHPSESSID=testid#bar">test</a>
+<a href="//php.net/file.php?foo=var&PHPSESSID=testid">test</a>
+<a href="//php.net/file.php?foo=var&PHPSESSID=testid#bar">test</a>
+<a href="//php.net/some/path/file.php?PHPSESSID=testid">test</a>
+<a href="//php.net/some/path/file.php?foo&PHPSESSID=testid">test</a>
+<a href="//php.net/some/path/file.php?foo=var&PHPSESSID=testid">test</a>
+<a href="//php.net/some/path/file.php?foo=var&PHPSESSID=testid#bar">test</a>
+
+<form action="script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" />
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="../script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" />r
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="/path/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" />
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="../path/script.php" method="post"><input type="hidden" name="PHPSESSID" value="testid" />
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="http://php.net/script.php"><input type="hidden" name="PHPSESSID" value="testid" />
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="https://php.net/script.php"><input type="hidden" name="PHPSESSID" value="testid" />
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="//php.net/script.php"><input type="hidden" name="PHPSESSID" value="testid" />
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+
+
+<a href="http://bad.com">test</a>
+<a href="http://bad.com/">test</a>
+<a href="http://bad.com/#bar">test</a>
+<a href="http://bad.com/?foo">test</a>
+<a href="http://bad.com/?foo#bar">test</a>
+<a href="http://bad.com/?foo=var">test</a>
+<a href="http://bad.com/?foo=var#bar">test</a>
+<a href="http://bad.com/file.php">test</a>
+<a href="http://bad.com/file.php#bar">test</a>
+<a href="http://bad.com/file.php?foo">test</a>
+<a href="http://bad.com/file.php?foo#bar">test</a>
+<a href="http://bad.com/file.php?foo=var">test</a>
+<a href="http://bad.com/file.php?foo=var#bar">test</a>
+<a href="http://bad.com/some/path/file.php">test</a>
+<a href="http://bad.com/some/path/file.php?foo">test</a>
+<a href="http://bad.com/some/path/file.php?foo=var">test</a>
+<a href="http://bad.com/some/path/file.php?foo=var#bar">test</a>
+
+<a href="https://bad.com">test</a>
+<a href="https://bad.com/">test</a>
+<a href="https://bad.com/?foo=var#bar">test</a>
+<a href="https://bad.com/file.php">test</a>
+<a href="https://bad.com/file.php?foo=var#bar">test</a>
+<a href="https://bad.com/some/path/file.php">test</a>
+<a href="https://bad.com/some/path/file.php?foo=var#bar">test</a>
+<a href="https://bad.com:8443">test</a>
+<a href="https://bad.com:8443/">test</a>
+<a href="https://bad.com:8443/?foo=var#bar">test</a>
+<a href="https://bad.com:8443/file.php">test</a>
+<a href="https://bad.com:8443/file.php?foo=var#bar">test</a>
+<a href="https://bad.com:8443/some/path/file.php">test</a>
+<a href="https://bad.com:8443/some/path/file.php?foo=var#bar">test</a>
+
+<a href="//bad.com">test</a>
+<a href="//bad.com/">test</a>
+<a href="//bad.com/#bar">test</a>
+<a href="//bad.com/?foo">test</a>
+<a href="//bad.com/?foo#bar">test</a>
+<a href="//bad.com/?foo=var">test</a>
+<a href="//bad.com/?foo=var#bar">test</a>
+<a href="//bad.com/file.php">test</a>
+<a href="//bad.com/file.php#bar">test</a>
+<a href="//bad.com/file.php?foo">test</a>
+<a href="//bad.com/file.php?foo#bar">test</a>
+<a href="//bad.com/file.php?foo=var">test</a>
+<a href="//bad.com/file.php?foo=var#bar">test</a>
+<a href="//bad.com/some/path/file.php">test</a>
+<a href="//bad.com/some/path/file.php?foo">test</a>
+<a href="//bad.com/some/path/file.php?foo=var">test</a>
+<a href="//bad.com/some/path/file.php?foo=var#bar">test</a>
+
+<form action="//bad.com/script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="https://bad.com/foo/../script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="https://bad.com//path/script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form action="https://bad.com/foo/bar../path/script.php" method="post">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="http://bad.com/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="https://bad.com/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+<form method="post" action="//bad.com/script.php">
+ <input type="text" name="test1"></input>
+ <input type="text" name="test2" />
+</form>
+
+NULL
+*** Cleanup ***
+bool(true)
+string(6) "testid"
+bool(true)
memset(&BG(serialize), 0, sizeof(BG(serialize)));
memset(&BG(unserialize), 0, sizeof(BG(unserialize)));
- memset(&BG(url_adapt_state_ex), 0, sizeof(BG(url_adapt_state_ex)));
+ memset(&BG(url_adapt_session_ex), 0, sizeof(BG(url_adapt_session_ex)));
+ memset(&BG(url_adapt_output_ex), 0, sizeof(BG(url_adapt_output_ex)));
#if defined(_REENTRANT) && defined(HAVE_MBRLEN) && defined(HAVE_MBSTATE_T)
memset(&BG(mblen_state), 0, sizeof(BG(mblen_state)));
static void basic_globals_dtor(php_basic_globals *basic_globals_p) /* {{{ */
{
- if (basic_globals_p->url_adapt_state_ex.tags) {
- zend_hash_destroy(basic_globals_p->url_adapt_state_ex.tags);
- free(basic_globals_p->url_adapt_state_ex.tags);
+ if (basic_globals_p->url_adapt_session_ex.tags) {
+ zend_hash_destroy(basic_globals_p->url_adapt_session_ex.tags);
+ free(basic_globals_p->url_adapt_session_ex.tags);
+ }
+ if (basic_globals_p->url_adapt_output_ex.tags) {
+ zend_hash_destroy(basic_globals_p->url_adapt_output_ex.tags);
+ free(basic_globals_p->url_adapt_output_ex.tags);
}
}
/* }}} */
} unserialize;
/* url_scanner_ex.re */
- url_adapt_state_ex_t url_adapt_state_ex;
+ url_adapt_state_ex_t url_adapt_session_ex;
+ HashTable url_adapt_session_hosts_ht;
+ url_adapt_state_ex_t url_adapt_output_ex;
+ HashTable url_adapt_output_hosts_ht;
#ifdef HAVE_MMAP
void *mmap_file;
--TEST--
Bug #44394 (Last two bytes missing from output)
+--INI--
+session.trans_sid_tags="a=href,area=href,frame=src,form="
+url_rewriter.tags="a=href,area=href,frame=src,form="
--FILE--
<?php
--INI--
session.name=PHPSESSID
session.use_only_cookies=0
+session.trans_sid_tags="a=href,area=href,frame=src,form="
+url_rewriter.tags="a=href,area=href,frame=src,form="
--FILE--
<?php
}
?>
--EXPECTF--
-<a href='a?q=1&PHPSESSID=%s&a=b'>asd</a>
+<a href='a?q=1&a=b&PHPSESSID=%s'>asd</a>
--- /dev/null
+--TEST--
+Test output_add_rewrite_var() function basic feature
+--SKIPIF--
+--INI--
+session.trans_sid_tags="a=href,area=href,frame=src,form="
+url_rewriter.tags="a=href,area=href,frame=src,form="
+--FILE--
+<?php
+ ob_start();
+// Common setting
+ini_set('url_rewriter.hosts', 'php.net,www.php.net');
+ini_set('session.trans_sid_hosts', 'php.net,www.php.net');
+ini_set('session.use_only_cookies', 0);
+ini_set('session.use_cookies', 0);
+ini_set('session.use_strict_mode', 0);
+session_id('testid');
+
+output_add_rewrite_var('<name>', '<value>');
+?>
+Without session
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get">
+<form action="//php.net/bar.php" method="get">
+<form action="http://php.net/bar.php" method="get">
+<form action="bad://php.net/bar.php" method="get">
+<form action="//www.php.net/bar.php" method="get">
+
+<?php
+ini_set('session.use_trans_sid', 0);
+session_start();
+output_add_rewrite_var('<name>', '<value>');
+?>
+Test use_trans_sid=0
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </form>
+<form action="//php.net/bar.php" method="get"> </form>
+<form action="http://php.net/bar.php" method="get"> </form>
+<form action="bad://php.net/bar.php" method="get"> </form>
+<form action="//www.php.net/bar.php" method="get"> </form>
+
+<?php
+session_commit();
+ini_set('session.use_trans_sid', 1);
+output_reset_rewrite_vars();
+session_start();
+output_add_rewrite_var('<NAME>', '<VALUE>');
+?>
+Test use_trans_sid=1
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </form>
+<form action="//php.net/bar.php" method="get"> </form>
+<form action="http://php.net/bar.php" method="get"> </form>
+<form action="bad://php.net/bar.php" method="get"> </form>
+<form action="//www.php.net/bar.php" method="get"> </form>
+
+--EXPECT--
+Without session
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="http://php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+
+<form method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" />
+<form action="//php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" />
+<form action="http://php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" />
+<form action="bad://php.net/bar.php" method="get">
+<form action="//www.php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" />
+
+Test use_trans_sid=0
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="http://php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+
+<form method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="//php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="http://php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="bad://php.net/bar.php" method="get"> </form>
+<form action="//www.php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+
+Test use_trans_sid=1
+<a href="?PHPSESSID=testid&%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?PHPSESSID=testid&%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php?PHPSESSID=testid&%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="http://php.net/foo.php?PHPSESSID=testid&%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php?PHPSESSID=testid&%3CNAME%3E=%3CVALUE%3E"> </a>
+
+<form method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /><input type="hidden" name="PHPSESSID" value="testid" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /><input type="hidden" name="PHPSESSID" value="testid" /> </form>
+<form action="//php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /><input type="hidden" name="PHPSESSID" value="testid" /> </form>
+<form action="http://php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /><input type="hidden" name="PHPSESSID" value="testid" /> </form>
+<form action="bad://php.net/bar.php" method="get"> </form>
+<form action="//www.php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /><input type="hidden" name="PHPSESSID" value="testid" /> </form>
--- /dev/null
+--TEST--
+Test output_add_rewrite_var() function basic feature
+--SKIPIF--
+--INI--
+session.trans_sid_tags="a=href,area=href,frame=src,form="
+url_rewriter.tags="a=href,area=href,frame=src,form="
+--FILE--
+<?php
+ ob_start();
+// Common setting
+ini_set('url_rewriter.hosts', 'php.net,www.php.net');
+ini_set('session.trans_sid_hosts', 'php.net,www.php.net');
+ini_set('session.use_only_cookies', 1);
+ini_set('session.use_cookies', 1);
+ini_set('session.use_strict_mode', 0);
+session_id('testid');
+
+output_add_rewrite_var('<name>', '<value>');
+?>
+Without session
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+<?php
+ini_set('session.use_trans_sid', 0);
+session_start();
+output_add_rewrite_var('<name>', '<value>');
+?>
+Test use_trans_sid=0
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+<?php
+session_commit();
+ini_set('session.use_trans_sid', 1);
+output_reset_rewrite_vars();
+session_start();
+output_add_rewrite_var('<NAME>', '<VALUE>');
+?>
+Test use_trans_sid=1
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+--EXPECT--
+Without session
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="http://php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+
+<form method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="//php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="http://php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+
+Test use_trans_sid=0
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="http://php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+
+<form method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="//php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="http://php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+
+Test use_trans_sid=1
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="http://php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+
+<form method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="//php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="http://php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
--- /dev/null
+--TEST--
+Test output_add_rewrite_var() function basic feature
+--SKIPIF--
+--INI--
+session.trans_sid_tags="a=href,area=href,frame=src,form="
+url_rewriter.tags="a=href,area=href,frame=src,form="
+--FILE--
+<?php
+ ob_start();
+// Common setting
+ini_set('url_rewriter.hosts', 'example.com');
+ini_set('session.use_only_cookies', 0);
+ini_set('session.use_cookies', 0);
+ini_set('session.use_strict_mode', 0);
+session_id('testid');
+
+output_add_rewrite_var('<name>', '<value>');
+?>
+Without session
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+<?php
+ini_set('session.use_trans_sid', 0);
+session_start();
+output_add_rewrite_var('<name>', '<value>');
+?>
+Test use_trans_sid=0
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+<?php
+session_commit();
+ini_set('session.use_trans_sid', 1);
+output_reset_rewrite_vars();
+session_start();
+output_add_rewrite_var('<NAME>', '<VALUE>');
+?>
+Test use_trans_sid=1
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+--EXPECT--
+Without session
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+Test use_trans_sid=0
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+Test use_trans_sid=1
+<a href="?PHPSESSID=testid&%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?PHPSESSID=testid&%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"><input type="hidden" name="PHPSESSID" value="testid" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /><input type="hidden" name="PHPSESSID" value="testid" /> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
--- /dev/null
+--TEST--
+Test output_add_rewrite_var() function basic feature
+--SKIPIF--
+--INI--
+session.trans_sid_tags="a=href,area=href,frame=src,form="
+url_rewriter.tags="a=href,area=href,frame=src,form="
+--FILE--
+<?php
+ ob_start();
+// Common setting
+ini_set('url_rewriter.hosts', 'example.com');
+ini_set('session.use_only_cookies', 1);
+ini_set('session.use_cookies', 1);
+ini_set('session.use_strict_mode', 0);
+session_id('testid');
+
+output_add_rewrite_var('<name>', '<value>');
+?>
+Without session
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+<?php
+ini_set('session.use_trans_sid', 0);
+session_start();
+output_add_rewrite_var('<name>', '<value>');
+?>
+Test use_trans_sid=0
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+<?php
+session_commit();
+ini_set('session.use_trans_sid', 1);
+output_reset_rewrite_vars();
+session_start();
+output_add_rewrite_var('<NAME>', '<VALUE>');
+?>
+Test use_trans_sid=1
+<a href=""> </a>
+<a href="./foo.php"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+--EXPECT--
+Without session
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+Test use_trans_sid=0
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
+
+Test use_trans_sid=1
+<a href="?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="./foo.php?%3CNAME%3E=%3CVALUE%3E"> </a>
+<a href="//php.net/foo.php"> </a>
+<a href="http://php.net/foo.php"> </a>
+<a href="bad://php.net/foo.php"> </a>
+<a href="//www.php.net/foo.php"> </a>
+
+<form method="get"> </form>
+<form action="./foo.php" method="get"><input type="hidden" name="<NAME>" value="<VALUE>" /> </a>
+<form action="//php.net/bar.php" method="get"> </a>
+<form action="http://php.net/bar.php" method="get"> </a>
+<form action="bad://php.net/bar.php" method="get"> </a>
+<form action="//www.php.net/bar.php" method="get"> </a>
-/* Generated by re2c 0.13.5 */
+/* Generated by re2c 0.14.3 */
#line 1 "ext/standard/url_scanner_ex.re"
/*
+----------------------------------------------------------------------+
| license@php.net so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
| Author: Sascha Schumann <sascha@schumann.cx> |
+ | Yasuo Ohgaki <yohgaki@ohgaki.net> |
+----------------------------------------------------------------------+
*/
#include <stdlib.h>
#include <string.h>
+#include "SAPI.h"
#include "php_ini.h"
#include "php_globals.h"
+#include "php_string.h"
#define STATE_TAG SOME_OTHER_STATE_TAG
#include "basic_functions.h"
#include "url.h"
+#include "html.h"
#undef STATE_TAG
#define url_scanner url_scanner_ex
free(Z_PTR_P(zv));
}
-static PHP_INI_MH(OnUpdateTags)
+static int php_ini_on_update_tags(zend_ini_entry *entry, zend_string *new_value, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage, int type)
{
url_adapt_state_ex_t *ctx;
char *key;
char *tmp;
char *lasts = NULL;
- ctx = &BG(url_adapt_state_ex);
+ if (type) {
+ ctx = &BG(url_adapt_session_ex);
+ } else {
+ ctx = &BG(url_adapt_output_ex);
+ }
tmp = estrndup(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
zend_hash_init(ctx->tags, 0, NULL, tag_dtor, 1);
for (key = php_strtok_r(tmp, ",", &lasts);
- key;
- key = php_strtok_r(NULL, ",", &lasts)) {
+ key;
+ key = php_strtok_r(NULL, ",", &lasts)) {
char *val;
val = strchr(key, '=');
size_t keylen;
*val++ = '\0';
- for (q = key; *q; q++)
+ for (q = key; *q; q++) {
*q = tolower(*q);
+ }
keylen = q - key;
- /* key is stored withOUT NUL
- val is stored WITH NUL */
zend_hash_str_add_mem(ctx->tags, key, keylen, val, strlen(val)+1);
}
}
return SUCCESS;
}
+static PHP_INI_MH(OnUpdateSessionTags)
+{
+ return php_ini_on_update_tags(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 1);
+}
+
+static PHP_INI_MH(OnUpdateOutputTags)
+{
+ return php_ini_on_update_tags(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 0);
+}
+
+static int php_ini_on_update_hosts(zend_ini_entry *entry, zend_string *new_value, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage, int type)
+{
+ HashTable *hosts;
+ char *key;
+ char *tmp;
+ char *lasts = NULL;
+
+ if (type) {
+ hosts = &BG(url_adapt_session_hosts_ht);
+ } else {
+ hosts = &BG(url_adapt_output_hosts_ht);
+ }
+ zend_hash_clean(hosts);
+
+ /* Use user supplied host whitelist */
+ tmp = estrndup(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
+ for (key = php_strtok_r(tmp, ",", &lasts);
+ key;
+ key = php_strtok_r(NULL, ",", &lasts)) {
+ size_t keylen;
+ zend_string *tmp_key;
+ char *q;
+
+ for (q = key; *q; q++) {
+ *q = tolower(*q);
+ }
+ keylen = q - key;
+ if (keylen > 0) {
+ tmp_key = zend_string_init(key, keylen, 0);
+ zend_hash_add_empty_element(hosts, tmp_key);
+ zend_string_release(tmp_key);
+ }
+ }
+ efree(tmp);
+
+ return SUCCESS;
+}
+
+static PHP_INI_MH(OnUpdateSessionHosts)
+{
+ return php_ini_on_update_hosts(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 1);
+}
+
+static PHP_INI_MH(OnUpdateOutputHosts)
+{
+ return php_ini_on_update_hosts(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 0);
+}
+
+/* FIXME: OnUpdate*Hosts cannot set default to $_SERVER['HTTP_HOST'] at startup */
PHP_INI_BEGIN()
- STD_PHP_INI_ENTRY("url_rewriter.tags", "a=href,area=href,frame=src,form=,fieldset=", PHP_INI_ALL, OnUpdateTags, url_adapt_state_ex, php_basic_globals, basic_globals)
+ STD_PHP_INI_ENTRY("session.trans_sid_tags", "a=href,area=href,frame=src,form=", PHP_INI_ALL, OnUpdateSessionTags, url_adapt_session_ex, php_basic_globals, basic_globals)
+ STD_PHP_INI_ENTRY("session.trans_sid_hosts", "", PHP_INI_ALL, OnUpdateSessionHosts, url_adapt_session_hosts_ht, php_basic_globals, basic_globals)
+ STD_PHP_INI_ENTRY("url_rewriter.tags", "form=", PHP_INI_ALL, OnUpdateOutputTags, url_adapt_session_ex, php_basic_globals, basic_globals)
+ STD_PHP_INI_ENTRY("url_rewriter.hosts", "", PHP_INI_ALL, OnUpdateOutputHosts, url_adapt_session_hosts_ht, php_basic_globals, basic_globals)
PHP_INI_END()
-#line 107 "ext/standard/url_scanner_ex.re"
+#line 176 "ext/standard/url_scanner_ex.re"
#define YYFILL(n) goto done
static inline void append_modified_url(smart_str *url, smart_str *dest, smart_str *url_app, const char *separator)
{
- register const char *p, *q;
- const char *bash = NULL;
- const char *sep = "?";
-
- q = (p = ZSTR_VAL(url->s)) + ZSTR_LEN(url->s);
-
-scan:
+ php_url *url_parts;
+ char *tmp;
+ size_t tmp_len;
-#line 123 "ext/standard/url_scanner_ex.c"
-{
- YYCTYPE yych;
- static const unsigned char yybm[] = {
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 0, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 0, 128, 128, 128, 128, 0,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- 128, 128, 128, 128, 128, 128, 128, 128,
- };
+ smart_str_0(url); /* FIXME: Bug #70480 php_url_parse_ex() crashes by processing chars exceed len */
+ url_parts = php_url_parse_ex(ZSTR_VAL(url->s), ZSTR_LEN(url->s));
- if (YYLIMIT <= YYCURSOR) YYFILL(1);
- yych = *YYCURSOR;
- if (yybm[0+yych] & 128) {
- goto yy8;
- }
- if (yych <= '9') goto yy6;
- if (yych >= ';') goto yy4;
- ++YYCURSOR;
-#line 125 "ext/standard/url_scanner_ex.re"
- { smart_str_append_smart_str(dest, url); return; }
-#line 171 "ext/standard/url_scanner_ex.c"
-yy4:
- ++YYCURSOR;
-#line 126 "ext/standard/url_scanner_ex.re"
- { sep = separator; goto scan; }
-#line 176 "ext/standard/url_scanner_ex.c"
-yy6:
- ++YYCURSOR;
-#line 127 "ext/standard/url_scanner_ex.re"
- { bash = p - 1; goto done; }
-#line 181 "ext/standard/url_scanner_ex.c"
-yy8:
- ++YYCURSOR;
- if (YYLIMIT <= YYCURSOR) YYFILL(1);
- yych = *YYCURSOR;
- if (yybm[0+yych] & 128) {
- goto yy8;
+ /* Ignore malformed URLs */
+ if (!url_parts) {
+ smart_str_append_smart_str(dest, url);
+ return;
}
-#line 128 "ext/standard/url_scanner_ex.re"
- { goto scan; }
-#line 191 "ext/standard/url_scanner_ex.c"
-}
-#line 129 "ext/standard/url_scanner_ex.re"
-done:
-
- /* Don't modify URLs of the format "#mark" */
- if (bash && bash - ZSTR_VAL(url->s) == 0) {
+ /* Check protocol. Only http/https is allowed. */
+ if (url_parts->scheme
+ && strcasecmp("http", url_parts->scheme)
+ && strcasecmp("https", url_parts->scheme)) {
smart_str_append_smart_str(dest, url);
+ php_url_free(url_parts);
return;
}
- if (bash)
- smart_str_appendl(dest, ZSTR_VAL(url->s), bash - ZSTR_VAL(url->s));
- else
+ /* Check host whitelist. If it's not listed, do nothing. */
+ if (url_parts->host
+ && (tmp_len = strlen(url_parts->host))
+ && (tmp = php_strtolower(url_parts->host, tmp_len))
+ && !zend_hash_str_find(&BG(url_adapt_session_hosts_ht), tmp, tmp_len)) {
smart_str_append_smart_str(dest, url);
+ php_url_free(url_parts);
+ return;
+ }
- smart_str_appends(dest, sep);
- smart_str_append_smart_str(dest, url_app);
+ /*
+ * When URL does not have path and query string add "/?".
+ * i.e. If URL is only "?foo=bar", should not add "/?".
+ */
+ if (!url_parts->path && !url_parts->query) {
+ /* URL is http://php.net or like */
+ smart_str_append_smart_str(dest, url);
+ smart_str_appendc(dest, '/');
+ smart_str_appendc(dest, '?');
+ smart_str_append_smart_str(dest, url_app);
+ /* There should not be fragment. Just return */
+ php_url_free(url_parts);
+ return;
+ }
- if (bash)
- smart_str_appendl(dest, bash, q - bash);
+ if (url_parts->scheme) {
+ smart_str_appends(dest, url_parts->scheme);
+ smart_str_appends(dest, "://");
+ } else if (*(ZSTR_VAL(url->s)) == '/' && *(ZSTR_VAL(url->s)+1) == '/') {
+ smart_str_appends(dest, "//");
+ }
+ if (url_parts->user) {
+ smart_str_appends(dest, url_parts->user);
+ if (url_parts->pass) {
+ smart_str_appends(dest, url_parts->pass);
+ smart_str_appendc(dest, ':');
+ }
+ smart_str_appendc(dest, '@');
+ }
+ if (url_parts->host) {
+ smart_str_appends(dest, url_parts->host);
+ }
+ if (url_parts->port) {
+ smart_str_appendc(dest, ':');
+ smart_str_append_unsigned(dest, (long)url_parts->port);
+ }
+ if (url_parts->path) {
+ smart_str_appends(dest, url_parts->path);
+ }
+ smart_str_appendc(dest, '?');
+ if (url_parts->query) {
+ smart_str_appends(dest, url_parts->query);
+ smart_str_appends(dest, separator);
+ smart_str_append_smart_str(dest, url_app);
+ } else {
+ smart_str_append_smart_str(dest, url_app);
+ }
+ if (url_parts->fragment) {
+ smart_str_appendc(dest, '#');
+ smart_str_appends(dest, url_parts->fragment);
+ }
+ php_url_free(url_parts);
}
+enum {
+ TAG_NORMAL = 0,
+ TAG_FORM
+};
+
+enum {
+ ATTR_NORMAL = 0,
+ ATTR_ACTION
+};
#undef YYFILL
#undef YYCTYPE
{
char f = 0;
- if (strncasecmp(ZSTR_VAL(ctx->arg.s), ctx->lookup_data, ZSTR_LEN(ctx->arg.s)) == 0)
+ /* arg.s is string WITHOUT NUL.
+ To avoid partial match, NUL is added here */
+ ZSTR_VAL(ctx->arg.s)[ZSTR_LEN(ctx->arg.s)] = '\0';
+ if (!strcasecmp(ZSTR_VAL(ctx->arg.s), ctx->lookup_data)) {
f = 1;
+ }
- if (quotes)
+ if (quotes) {
smart_str_appendc(&ctx->result, type);
+ }
if (f) {
append_modified_url(&ctx->val, &ctx->result, &ctx->url_app, PG(arg_separator).output);
} else {
smart_str_append_smart_str(&ctx->result, &ctx->val);
}
- if (quotes)
+ if (quotes) {
smart_str_appendc(&ctx->result, type);
+ }
}
enum {
smart_str_appendl(&ctx->result, start, YYCURSOR - start);
}
+
+static int check_http_host(char *target)
+{
+ zval *host, *tmp;
+ zend_string *host_tmp;
+ char *colon;
+
+ if ((tmp = zend_hash_str_find(&EG(symbol_table), ZEND_STRL("_SERVER"))) &&
+ (host = zend_hash_str_find(Z_ARRVAL_P(tmp), ZEND_STRL("HTTP_HOST"))) &&
+ Z_TYPE_P(host) == IS_STRING) {
+ host_tmp = zend_string_init(Z_STRVAL_P(host), Z_STRLEN_P(host), 0);
+ /* HTTP_HOST could be 'localhost:8888' etc. */
+ colon = strchr(ZSTR_VAL(host_tmp), ':');
+ if (colon) {
+ ZSTR_LEN(host_tmp) = colon - ZSTR_VAL(host_tmp);
+ ZSTR_VAL(host_tmp)[ZSTR_LEN(host_tmp)] = '\0';
+ }
+ if (!strcasecmp(ZSTR_VAL(host_tmp), target)) {
+ zend_string_release(host_tmp);
+ return SUCCESS;
+ }
+ zend_string_release(host_tmp);
+ }
+ return FAILURE;
+}
+
+static int check_host_whitelist(url_adapt_state_ex_t *ctx)
+{
+ php_url *url_parts = NULL;
+ HashTable *allowed_hosts = ctx->type ? &BG(url_adapt_session_hosts_ht) : &BG(url_adapt_output_hosts_ht);
+
+ ZEND_ASSERT(ctx->tag_type == TAG_FORM);
+
+ if (ctx->attr_val.s && ZSTR_LEN(ctx->attr_val.s)) {
+ url_parts = php_url_parse_ex(ZSTR_VAL(ctx->attr_val.s), ZSTR_LEN(ctx->attr_val.s));
+ } else {
+ return SUCCESS; /* empty URL is valid */
+ }
+
+ if (!url_parts) {
+ return FAILURE;
+ }
+ if (url_parts->scheme) {
+ /* Only http/https should be handled.
+ A bit hacky check this here, but saves a URL parse. */
+ if (strcasecmp(url_parts->scheme, "http") &&
+ strcasecmp(url_parts->scheme, "https")) {
+ php_url_free(url_parts);
+ return FAILURE;
+ }
+ }
+ if (!url_parts->host) {
+ php_url_free(url_parts);
+ return SUCCESS;
+ }
+ if (!zend_hash_num_elements(allowed_hosts) &&
+ check_http_host(url_parts->host) == SUCCESS) {
+ php_url_free(url_parts);
+ return SUCCESS;
+ }
+ if (!zend_hash_str_find(allowed_hosts,
+ url_parts->host,
+ strlen(url_parts->host))) {
+ php_url_free(url_parts);
+ return FAILURE;
+ }
+ php_url_free(url_parts);
+ return SUCCESS;
+}
+
/*
- * This function appends a hidden input field after a <form> or
- * <fieldset>. The latter is important for XHTML.
+ * This function appends a hidden input field after a <form>.
*/
-
static void handle_form(STD_PARA)
{
int doit = 0;
if (ZSTR_LEN(ctx->form_app.s) > 0) {
switch (ZSTR_LEN(ctx->tag.s)) {
case sizeof("form") - 1:
- if (!strncasecmp(ZSTR_VAL(ctx->tag.s), "form", sizeof("form") - 1)) {
- doit = 1;
- }
- if (doit && ctx->val.s && ctx->lookup_data && *ctx->lookup_data) {
- char *e, *p = (char *)zend_memnstr(ZSTR_VAL(ctx->val.s), "://", sizeof("://") - 1, ZSTR_VAL(ctx->val.s) + ZSTR_LEN(ctx->val.s));
- if (p) {
- e = memchr(p, '/', (ZSTR_VAL(ctx->val.s) + ZSTR_LEN(ctx->val.s)) - p);
- if (!e) {
- e = ZSTR_VAL(ctx->val.s) + ZSTR_LEN(ctx->val.s);
- }
- if ((e - p) && strncasecmp(p, ctx->lookup_data, (e - p))) {
- doit = 0;
- }
- }
- }
- break;
-
- case sizeof("fieldset") - 1:
- if (!strncasecmp(ZSTR_VAL(ctx->tag.s), "fieldset", sizeof("fieldset") - 1)) {
+ if (!strncasecmp(ZSTR_VAL(ctx->tag.s), "form", ZSTR_LEN(ctx->tag.s))
+ && check_host_whitelist(ctx) == SUCCESS) {
doit = 1;
}
break;
}
+ }
- if (doit)
- smart_str_append_smart_str(&ctx->result, &ctx->form_app);
+ if (doit) {
+ smart_str_append_smart_str(&ctx->result, &ctx->form_app);
}
}
for (i = 0; i < ZSTR_LEN(ctx->tag.s); i++)
ZSTR_VAL(ctx->tag.s)[i] = tolower((int)(unsigned char)ZSTR_VAL(ctx->tag.s)[i]);
/* intentionally using str_find here, in case the hash value is set, but the string val is changed later */
- if ((ctx->lookup_data = zend_hash_str_find_ptr(ctx->tags, ZSTR_VAL(ctx->tag.s), ZSTR_LEN(ctx->tag.s))) != NULL)
+ if ((ctx->lookup_data = zend_hash_str_find_ptr(ctx->tags, ZSTR_VAL(ctx->tag.s), ZSTR_LEN(ctx->tag.s))) != NULL) {
ok = 1;
+ if (ZSTR_LEN(ctx->tag.s) == sizeof("form")-1
+ && !strncasecmp(ZSTR_VAL(ctx->tag.s), "form", ZSTR_LEN(ctx->tag.s))) {
+ ctx->tag_type = TAG_FORM;
+ } else {
+ ctx->tag_type = TAG_NORMAL;
+ }
+ }
STATE = ok ? STATE_NEXT_ARG : STATE_PLAIN;
}
ZSTR_LEN(ctx->arg.s) = 0;
}
smart_str_appendl(&ctx->arg, start, YYCURSOR - start);
+ if (ctx->tag_type == TAG_FORM &&
+ strncasecmp(ZSTR_VAL(ctx->arg.s), "action", ZSTR_LEN(ctx->arg.s)) == 0) {
+ ctx->attr_type = ATTR_ACTION;
+ } else {
+ ctx->attr_type = ATTR_NORMAL;
+ }
}
static inline void handle_val(STD_PARA, char quotes, char type)
{
smart_str_setl(&ctx->val, start + quotes, YYCURSOR - start - quotes * 2);
+ if (ctx->tag_type == TAG_FORM && ctx->attr_type == ATTR_ACTION) {
+ smart_str_setl(&ctx->attr_val, start + quotes, YYCURSOR - start - quotes * 2);
+ }
tag_arg(ctx, quotes, type);
}
state_plain:
start = YYCURSOR;
-#line 378 "ext/standard/url_scanner_ex.c"
+#line 516 "ext/standard/url_scanner_ex.c"
{
YYCTYPE yych;
static const unsigned char yybm[] = {
128, 128, 128, 128, 128, 128, 128, 128,
128, 128, 128, 128, 128, 128, 128, 128,
};
+
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
if (yybm[0+yych] & 128) {
- goto yy15;
+ goto yy4;
}
++YYCURSOR;
-#line 313 "ext/standard/url_scanner_ex.re"
+#line 518 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); STATE = STATE_TAG; goto state_tag; }
-#line 423 "ext/standard/url_scanner_ex.c"
-yy15:
+#line 562 "ext/standard/url_scanner_ex.c"
+yy4:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
if (yybm[0+yych] & 128) {
- goto yy15;
+ goto yy4;
}
-#line 314 "ext/standard/url_scanner_ex.re"
+#line 519 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); goto state_plain; }
-#line 433 "ext/standard/url_scanner_ex.c"
+#line 572 "ext/standard/url_scanner_ex.c"
}
-#line 315 "ext/standard/url_scanner_ex.re"
+#line 520 "ext/standard/url_scanner_ex.re"
state_tag:
start = YYCURSOR;
-#line 441 "ext/standard/url_scanner_ex.c"
+#line 580 "ext/standard/url_scanner_ex.c"
{
YYCTYPE yych;
static const unsigned char yybm[] = {
if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
yych = *YYCURSOR;
if (yych <= '@') {
- if (yych != ':') goto yy22;
+ if (yych != ':') goto yy11;
} else {
- if (yych <= 'Z') goto yy20;
- if (yych <= '`') goto yy22;
- if (yych >= '{') goto yy22;
+ if (yych <= 'Z') goto yy9;
+ if (yych <= '`') goto yy11;
+ if (yych >= '{') goto yy11;
}
-yy20:
+yy9:
++YYCURSOR;
yych = *YYCURSOR;
- goto yy25;
-yy21:
-#line 320 "ext/standard/url_scanner_ex.re"
+ goto yy14;
+yy10:
+#line 525 "ext/standard/url_scanner_ex.re"
{ handle_tag(STD_ARGS); /* Sets STATE */; passthru(STD_ARGS); if (STATE == STATE_PLAIN) goto state_plain; else goto state_next_arg; }
-#line 494 "ext/standard/url_scanner_ex.c"
-yy22:
+#line 633 "ext/standard/url_scanner_ex.c"
+yy11:
++YYCURSOR;
-#line 321 "ext/standard/url_scanner_ex.re"
+#line 526 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); goto state_plain_begin; }
-#line 499 "ext/standard/url_scanner_ex.c"
-yy24:
+#line 638 "ext/standard/url_scanner_ex.c"
+yy13:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
-yy25:
+yy14:
if (yybm[0+yych] & 128) {
- goto yy24;
+ goto yy13;
}
- goto yy21;
+ goto yy10;
}
-#line 322 "ext/standard/url_scanner_ex.re"
+#line 527 "ext/standard/url_scanner_ex.re"
state_next_arg_begin:
state_next_arg:
start = YYCURSOR;
-#line 519 "ext/standard/url_scanner_ex.c"
+#line 658 "ext/standard/url_scanner_ex.c"
{
YYCTYPE yych;
static const unsigned char yybm[] = {
yych = *YYCURSOR;
if (yych <= '.') {
if (yych <= '\f') {
- if (yych <= 0x08) goto yy36;
- if (yych <= '\v') goto yy32;
- goto yy36;
+ if (yych <= 0x08) goto yy25;
+ if (yych <= '\v') goto yy21;
+ goto yy25;
} else {
- if (yych <= '\r') goto yy32;
- if (yych == ' ') goto yy32;
- goto yy36;
+ if (yych <= '\r') goto yy21;
+ if (yych == ' ') goto yy21;
+ goto yy25;
}
} else {
if (yych <= '@') {
- if (yych <= '/') goto yy28;
- if (yych == '>') goto yy30;
- goto yy36;
+ if (yych <= '/') goto yy17;
+ if (yych == '>') goto yy19;
+ goto yy25;
} else {
- if (yych <= 'Z') goto yy34;
- if (yych <= '`') goto yy36;
- if (yych <= 'z') goto yy34;
- goto yy36;
+ if (yych <= 'Z') goto yy23;
+ if (yych <= '`') goto yy25;
+ if (yych <= 'z') goto yy23;
+ goto yy25;
}
}
-yy28:
+yy17:
++YYCURSOR;
- if ((yych = *YYCURSOR) == '>') goto yy39;
-yy29:
-#line 333 "ext/standard/url_scanner_ex.re"
+ if ((yych = *YYCURSOR) == '>') goto yy28;
+yy18:
+#line 538 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); goto state_plain_begin; }
-#line 586 "ext/standard/url_scanner_ex.c"
-yy30:
+#line 725 "ext/standard/url_scanner_ex.c"
+yy19:
++YYCURSOR;
-yy31:
-#line 330 "ext/standard/url_scanner_ex.re"
+yy20:
+#line 535 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); handle_form(STD_ARGS); goto state_plain_begin; }
-#line 592 "ext/standard/url_scanner_ex.c"
-yy32:
+#line 731 "ext/standard/url_scanner_ex.c"
+yy21:
++YYCURSOR;
yych = *YYCURSOR;
- goto yy38;
-yy33:
-#line 331 "ext/standard/url_scanner_ex.re"
+ goto yy27;
+yy22:
+#line 536 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); goto state_next_arg; }
-#line 600 "ext/standard/url_scanner_ex.c"
-yy34:
+#line 739 "ext/standard/url_scanner_ex.c"
+yy23:
++YYCURSOR;
-#line 332 "ext/standard/url_scanner_ex.re"
+#line 537 "ext/standard/url_scanner_ex.re"
{ --YYCURSOR; STATE = STATE_ARG; goto state_arg; }
-#line 605 "ext/standard/url_scanner_ex.c"
-yy36:
+#line 744 "ext/standard/url_scanner_ex.c"
+yy25:
yych = *++YYCURSOR;
- goto yy29;
-yy37:
+ goto yy18;
+yy26:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
-yy38:
+yy27:
if (yybm[0+yych] & 128) {
- goto yy37;
+ goto yy26;
}
- goto yy33;
-yy39:
+ goto yy22;
+yy28:
++YYCURSOR;
yych = *YYCURSOR;
- goto yy31;
+ goto yy20;
}
-#line 334 "ext/standard/url_scanner_ex.re"
+#line 539 "ext/standard/url_scanner_ex.re"
state_arg:
start = YYCURSOR;
-#line 629 "ext/standard/url_scanner_ex.c"
+#line 768 "ext/standard/url_scanner_ex.c"
{
YYCTYPE yych;
static const unsigned char yybm[] = {
};
if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
yych = *YYCURSOR;
- if (yych <= '@') goto yy44;
- if (yych <= 'Z') goto yy42;
- if (yych <= '`') goto yy44;
- if (yych >= '{') goto yy44;
-yy42:
+ if (yych <= '@') goto yy33;
+ if (yych <= 'Z') goto yy31;
+ if (yych <= '`') goto yy33;
+ if (yych >= '{') goto yy33;
+yy31:
++YYCURSOR;
yych = *YYCURSOR;
- goto yy47;
-yy43:
-#line 339 "ext/standard/url_scanner_ex.re"
+ goto yy36;
+yy32:
+#line 544 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); handle_arg(STD_ARGS); STATE = STATE_BEFORE_VAL; goto state_before_val; }
-#line 679 "ext/standard/url_scanner_ex.c"
-yy44:
+#line 818 "ext/standard/url_scanner_ex.c"
+yy33:
++YYCURSOR;
-#line 340 "ext/standard/url_scanner_ex.re"
+#line 545 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); STATE = STATE_NEXT_ARG; goto state_next_arg; }
-#line 684 "ext/standard/url_scanner_ex.c"
-yy46:
+#line 823 "ext/standard/url_scanner_ex.c"
+yy35:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
-yy47:
+yy36:
if (yybm[0+yych] & 128) {
- goto yy46;
+ goto yy35;
}
- goto yy43;
+ goto yy32;
}
-#line 341 "ext/standard/url_scanner_ex.re"
+#line 546 "ext/standard/url_scanner_ex.re"
state_before_val:
start = YYCURSOR;
-#line 701 "ext/standard/url_scanner_ex.c"
+#line 840 "ext/standard/url_scanner_ex.c"
{
YYCTYPE yych;
static const unsigned char yybm[] = {
};
if ((YYLIMIT - YYCURSOR) < 2) YYFILL(2);
yych = *YYCURSOR;
- if (yych == ' ') goto yy50;
- if (yych == '=') goto yy52;
- goto yy54;
-yy50:
+ if (yych == ' ') goto yy39;
+ if (yych == '=') goto yy41;
+ goto yy43;
+yy39:
yych = *(YYMARKER = ++YYCURSOR);
- if (yych == ' ') goto yy57;
- if (yych == '=') goto yy55;
-yy51:
-#line 347 "ext/standard/url_scanner_ex.re"
+ if (yych == ' ') goto yy46;
+ if (yych == '=') goto yy44;
+yy40:
+#line 552 "ext/standard/url_scanner_ex.re"
{ --YYCURSOR; goto state_next_arg_begin; }
-#line 750 "ext/standard/url_scanner_ex.c"
-yy52:
+#line 889 "ext/standard/url_scanner_ex.c"
+yy41:
++YYCURSOR;
yych = *YYCURSOR;
- goto yy56;
-yy53:
-#line 346 "ext/standard/url_scanner_ex.re"
+ goto yy45;
+yy42:
+#line 551 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); STATE = STATE_VAL; goto state_val; }
-#line 758 "ext/standard/url_scanner_ex.c"
-yy54:
+#line 897 "ext/standard/url_scanner_ex.c"
+yy43:
yych = *++YYCURSOR;
- goto yy51;
-yy55:
+ goto yy40;
+yy44:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
-yy56:
+yy45:
if (yybm[0+yych] & 128) {
- goto yy55;
+ goto yy44;
}
- goto yy53;
-yy57:
+ goto yy42;
+yy46:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
- if (yych == ' ') goto yy57;
- if (yych == '=') goto yy55;
+ if (yych == ' ') goto yy46;
+ if (yych == '=') goto yy44;
YYCURSOR = YYMARKER;
- goto yy51;
+ goto yy40;
}
-#line 348 "ext/standard/url_scanner_ex.re"
+#line 553 "ext/standard/url_scanner_ex.re"
state_val:
start = YYCURSOR;
-#line 787 "ext/standard/url_scanner_ex.c"
+#line 926 "ext/standard/url_scanner_ex.c"
{
YYCTYPE yych;
static const unsigned char yybm[] = {
yych = *YYCURSOR;
if (yych <= ' ') {
if (yych <= '\f') {
- if (yych <= 0x08) goto yy65;
- if (yych <= '\n') goto yy67;
- goto yy65;
+ if (yych <= 0x08) goto yy54;
+ if (yych <= '\n') goto yy56;
+ goto yy54;
} else {
- if (yych <= '\r') goto yy67;
- if (yych <= 0x1F) goto yy65;
- goto yy67;
+ if (yych <= '\r') goto yy56;
+ if (yych <= 0x1F) goto yy54;
+ goto yy56;
}
} else {
if (yych <= '&') {
- if (yych != '"') goto yy65;
+ if (yych != '"') goto yy54;
} else {
- if (yych <= '\'') goto yy64;
- if (yych == '>') goto yy67;
- goto yy65;
+ if (yych <= '\'') goto yy53;
+ if (yych == '>') goto yy56;
+ goto yy54;
}
}
yych = *(YYMARKER = ++YYCURSOR);
- if (yych != '>') goto yy76;
-yy63:
-#line 357 "ext/standard/url_scanner_ex.re"
+ if (yych != '>') goto yy65;
+yy52:
+#line 562 "ext/standard/url_scanner_ex.re"
{ passthru(STD_ARGS); goto state_next_arg_begin; }
-#line 850 "ext/standard/url_scanner_ex.c"
-yy64:
+#line 989 "ext/standard/url_scanner_ex.c"
+yy53:
yych = *(YYMARKER = ++YYCURSOR);
- if (yych == '>') goto yy63;
- goto yy71;
-yy65:
+ if (yych == '>') goto yy52;
+ goto yy60;
+yy54:
++YYCURSOR;
yych = *YYCURSOR;
- goto yy69;
-yy66:
-#line 356 "ext/standard/url_scanner_ex.re"
+ goto yy58;
+yy55:
+#line 561 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 0, ' '); goto state_next_arg_begin; }
-#line 862 "ext/standard/url_scanner_ex.c"
-yy67:
+#line 1001 "ext/standard/url_scanner_ex.c"
+yy56:
yych = *++YYCURSOR;
- goto yy63;
-yy68:
+ goto yy52;
+yy57:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
-yy69:
+yy58:
if (yybm[0+yych] & 32) {
- goto yy68;
+ goto yy57;
}
- goto yy66;
-yy70:
+ goto yy55;
+yy59:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
-yy71:
+yy60:
if (yybm[0+yych] & 64) {
- goto yy70;
+ goto yy59;
}
- if (yych <= '=') goto yy73;
-yy72:
+ if (yych <= '\'') goto yy62;
+yy61:
YYCURSOR = YYMARKER;
- goto yy63;
-yy73:
+ goto yy52;
+yy62:
++YYCURSOR;
-#line 355 "ext/standard/url_scanner_ex.re"
+#line 560 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 1, '\''); goto state_next_arg_begin; }
-#line 891 "ext/standard/url_scanner_ex.c"
-yy75:
+#line 1030 "ext/standard/url_scanner_ex.c"
+yy64:
++YYCURSOR;
if (YYLIMIT <= YYCURSOR) YYFILL(1);
yych = *YYCURSOR;
-yy76:
+yy65:
if (yybm[0+yych] & 128) {
- goto yy75;
+ goto yy64;
}
- if (yych >= '>') goto yy72;
+ if (yych >= '#') goto yy61;
++YYCURSOR;
-#line 354 "ext/standard/url_scanner_ex.re"
+#line 559 "ext/standard/url_scanner_ex.re"
{ handle_val(STD_ARGS, 1, '"'); goto state_next_arg_begin; }
-#line 904 "ext/standard/url_scanner_ex.c"
+#line 1043 "ext/standard/url_scanner_ex.c"
}
-#line 358 "ext/standard/url_scanner_ex.re"
+#line 563 "ext/standard/url_scanner_ex.re"
stop:
}
-PHPAPI char *php_url_scanner_adapt_single_url(const char *url, size_t urllen, const char *name, const char *value, size_t *newlen, int urlencode)
+PHPAPI char *php_url_scanner_adapt_single_url(const char *url, size_t urllen, const char *name, const char *value, size_t *newlen, int encode)
{
char *result;
smart_str surl = {0};
smart_str_appendl(&surl, url, urllen);
- if (urlencode) {
+ if (encode) {
encoded = php_raw_url_encode(name, strlen(name));
smart_str_appendl(&url_app, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
zend_string_free(encoded);
smart_str_appends(&url_app, name);
}
smart_str_appendc(&url_app, '=');
- if (urlencode) {
+ if (encode) {
encoded = php_raw_url_encode(value, strlen(value));
smart_str_appendl(&url_app, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
zend_string_free(encoded);
}
-static char *url_adapt_ext(const char *src, size_t srclen, size_t *newlen, zend_bool do_flush)
+static char *url_adapt_ext(const char *src, size_t srclen, size_t *newlen, zend_bool do_flush, url_adapt_state_ex_t *ctx)
{
- url_adapt_state_ex_t *ctx;
char *retval;
- ctx = &BG(url_adapt_state_ex);
-
xx_mainloop(ctx, src, srclen);
if (!ctx->result.s) {
*newlen += ZSTR_LEN(ctx->buf.s);
smart_str_free(&ctx->buf);
smart_str_free(&ctx->val);
+ smart_str_free(&ctx->attr_val);
}
retval = estrndup(ZSTR_VAL(ctx->result.s), ZSTR_LEN(ctx->result.s));
smart_str_free(&ctx->result);
return retval;
}
-static int php_url_scanner_ex_activate(void)
+static int php_url_scanner_ex_activate(int type)
{
url_adapt_state_ex_t *ctx;
- ctx = &BG(url_adapt_state_ex);
+ if (type) {
+ ctx = &BG(url_adapt_session_ex);
+ } else {
+ ctx = &BG(url_adapt_output_ex);
+ }
memset(ctx, 0, ((size_t) &((url_adapt_state_ex_t *)0)->tags));
return SUCCESS;
}
-static int php_url_scanner_ex_deactivate(void)
+static int php_url_scanner_ex_deactivate(int type)
{
url_adapt_state_ex_t *ctx;
- ctx = &BG(url_adapt_state_ex);
+ if (type) {
+ ctx = &BG(url_adapt_session_ex);
+ } else {
+ ctx = &BG(url_adapt_output_ex);
+ }
smart_str_free(&ctx->result);
smart_str_free(&ctx->buf);
smart_str_free(&ctx->tag);
smart_str_free(&ctx->arg);
+ smart_str_free(&ctx->attr_val);
return SUCCESS;
}
-static void php_url_scanner_output_handler(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode)
+static inline void php_url_scanner_session_handler_impl(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode, int type)
{
size_t len;
+ url_adapt_state_ex_t *url_state;
- if (ZSTR_LEN(BG(url_adapt_state_ex).url_app.s) != 0) {
- *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) (mode & (PHP_OUTPUT_HANDLER_END | PHP_OUTPUT_HANDLER_CONT | PHP_OUTPUT_HANDLER_FLUSH | PHP_OUTPUT_HANDLER_FINAL) ? 1 : 0));
+ if (type) {
+ url_state = &BG(url_adapt_session_ex);
+ } else {
+ url_state = &BG(url_adapt_output_ex);
+ }
+
+ if (ZSTR_LEN(url_state->url_app.s) != 0) {
+ *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) (mode & (PHP_OUTPUT_HANDLER_END | PHP_OUTPUT_HANDLER_CONT | PHP_OUTPUT_HANDLER_FLUSH | PHP_OUTPUT_HANDLER_FINAL) ? 1 : 0), url_state);
if (sizeof(uint) < sizeof(size_t)) {
if (len > UINT_MAX)
len = UINT_MAX;
}
*handled_output_len = len;
- } else if (ZSTR_LEN(BG(url_adapt_state_ex).url_app.s) == 0) {
- url_adapt_state_ex_t *ctx = &BG(url_adapt_state_ex);
+ } else if (ZSTR_LEN(url_state->url_app.s) == 0) {
+ url_adapt_state_ex_t *ctx = url_state;
if (ctx->buf.s && ZSTR_LEN(ctx->buf.s)) {
smart_str_append(&ctx->result, ctx->buf.s);
smart_str_appendl(&ctx->result, output, output_len);
}
}
-PHPAPI int php_url_scanner_add_var(char *name, size_t name_len, char *value, size_t value_len, int urlencode)
+static void php_url_scanner_session_handler(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode)
+{
+ php_url_scanner_session_handler_impl(output, output_len, handled_output, handled_output_len, mode, 1);
+}
+
+static void php_url_scanner_output_handler(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode)
+{
+ php_url_scanner_session_handler_impl(output, output_len, handled_output, handled_output_len, mode, 0);
+}
+
+static inline int php_url_scanner_add_var_impl(char *name, size_t name_len, char *value, size_t value_len, int encode, int type)
{
smart_str sname = {0};
smart_str svalue = {0};
+ smart_str hname = {0};
+ smart_str hvalue = {0};
zend_string *encoded;
+ url_adapt_state_ex_t *url_state;
+ php_output_handler_func_t handler;
+
+ if (type) {
+ url_state = &BG(url_adapt_session_ex);
+ handler = php_url_scanner_session_handler;
+ } else {
+ url_state = &BG(url_adapt_output_ex);
+ handler = php_url_scanner_output_handler;
+ }
- if (!BG(url_adapt_state_ex).active) {
- php_url_scanner_ex_activate();
- php_output_start_internal(ZEND_STRL("URL-Rewriter"), php_url_scanner_output_handler, 0, PHP_OUTPUT_HANDLER_STDFLAGS);
- BG(url_adapt_state_ex).active = 1;
+ if (!url_state->active) {
+ php_url_scanner_ex_activate(type);
+ php_output_start_internal(ZEND_STRL("URL-Rewriter"), handler, 0, PHP_OUTPUT_HANDLER_STDFLAGS);
+ url_state->active = 1;
}
- if (BG(url_adapt_state_ex).url_app.s && ZSTR_LEN(BG(url_adapt_state_ex).url_app.s) != 0) {
- smart_str_appends(&BG(url_adapt_state_ex).url_app, PG(arg_separator).output);
+ if (url_state->url_app.s && ZSTR_LEN(url_state->url_app.s) != 0) {
+ smart_str_appends(&url_state->url_app, PG(arg_separator).output);
}
- if (urlencode) {
+ if (encode) {
encoded = php_raw_url_encode(name, name_len);
- smart_str_appendl(&sname, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
- zend_string_free(encoded);
+ smart_str_appendl(&sname, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
encoded = php_raw_url_encode(value, value_len);
- smart_str_appendl(&svalue, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
- zend_string_free(encoded);
+ smart_str_appendl(&svalue, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
+ encoded = php_escape_html_entities_ex((unsigned char*)name, name_len, 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
+ smart_str_appendl(&hname, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
+ encoded = php_escape_html_entities_ex((unsigned char*)value, value_len, 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
+ smart_str_appendl(&hvalue, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
} else {
smart_str_appendl(&sname, name, name_len);
smart_str_appendl(&svalue, value, value_len);
+ smart_str_appendl(&hname, name, name_len);
+ smart_str_appendl(&hvalue, value, value_len);
}
- smart_str_append_smart_str(&BG(url_adapt_state_ex).url_app, &sname);
- smart_str_appendc(&BG(url_adapt_state_ex).url_app, '=');
- smart_str_append_smart_str(&BG(url_adapt_state_ex).url_app, &svalue);
+ smart_str_append_smart_str(&url_state->url_app, &sname);
+ smart_str_appendc(&url_state->url_app, '=');
+ smart_str_append_smart_str(&url_state->url_app, &svalue);
- smart_str_appends(&BG(url_adapt_state_ex).form_app, "<input type=\"hidden\" name=\"");
- smart_str_append_smart_str(&BG(url_adapt_state_ex).form_app, &sname);
- smart_str_appends(&BG(url_adapt_state_ex).form_app, "\" value=\"");
- smart_str_append_smart_str(&BG(url_adapt_state_ex).form_app, &svalue);
- smart_str_appends(&BG(url_adapt_state_ex).form_app, "\" />");
+ smart_str_appends(&url_state->form_app, "<input type=\"hidden\" name=\"");
+ smart_str_append_smart_str(&url_state->form_app, &hname);
+ smart_str_appends(&url_state->form_app, "\" value=\"");
+ smart_str_append_smart_str(&url_state->form_app, &hvalue);
+ smart_str_appends(&url_state->form_app, "\" />");
smart_str_free(&sname);
smart_str_free(&svalue);
+ smart_str_free(&hname);
+ smart_str_free(&hvalue);
return SUCCESS;
}
-PHPAPI int php_url_scanner_reset_vars(void)
+
+PHPAPI int php_url_scanner_add_session_var(char *name, size_t name_len, char *value, size_t value_len, int encode)
+{
+ return php_url_scanner_add_var_impl(name, name_len, value, value_len, encode, 1);
+}
+
+
+PHPAPI int php_url_scanner_add_var(char *name, size_t name_len, char *value, size_t value_len, int encode)
{
- if (BG(url_adapt_state_ex).form_app.s) {
- ZSTR_LEN(BG(url_adapt_state_ex).form_app.s) = 0;
+ return php_url_scanner_add_var_impl(name, name_len, value, value_len, encode, 0);
+}
+
+
+static inline void php_url_scanner_reset_vars_impl(int type) {
+ url_adapt_state_ex_t *url_state;
+
+ if (type) {
+ url_state = &BG(url_adapt_session_ex);
+ } else {
+ url_state = &BG(url_adapt_output_ex);
}
- if (BG(url_adapt_state_ex).url_app.s) {
- ZSTR_LEN(BG(url_adapt_state_ex).url_app.s) = 0;
+
+ if (url_state->form_app.s) {
+ ZSTR_LEN(url_state->form_app.s) = 0;
+ }
+ if (url_state->url_app.s) {
+ ZSTR_LEN(url_state->url_app.s) = 0;
}
+}
+
+PHPAPI int php_url_scanner_reset_session_vars(void)
+{
+ php_url_scanner_reset_vars_impl(1);
return SUCCESS;
}
+
+PHPAPI int php_url_scanner_reset_vars(void)
+{
+ php_url_scanner_reset_vars_impl(0);
+ return SUCCESS;
+}
+
+
+static inline int php_url_scanner_reset_var_impl(zend_string *name, int encode, int type)
+{
+ char *start, *end, *limit;
+ size_t separator_len;
+ smart_str sname = {0};
+ smart_str hname = {0};
+ smart_str url_app = {0};
+ smart_str form_app = {0};
+ zend_string *encoded;
+ int ret = SUCCESS;
+ zend_bool sep_removed = 0;
+ url_adapt_state_ex_t *url_state;
+
+ if (type) {
+ url_state = &BG(url_adapt_session_ex);
+ } else {
+ url_state = &BG(url_adapt_output_ex);
+ }
+
+ /* Short circuit check. Only check url_app. */
+ if (!url_state->url_app.s || !ZSTR_LEN(url_state->url_app.s)) {
+ return SUCCESS;
+ }
+
+ if (encode) {
+ encoded = php_raw_url_encode(ZSTR_VAL(name), ZSTR_LEN(name));
+ smart_str_appendl(&sname, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
+ zend_string_free(encoded);
+ encoded = php_escape_html_entities_ex((unsigned char *)ZSTR_VAL(name), ZSTR_LEN(name), 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
+ smart_str_appendl(&hname, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
+ zend_string_free(encoded);
+ } else {
+ smart_str_appendl(&sname, ZSTR_VAL(name), ZSTR_LEN(name));
+ smart_str_appendl(&hname, ZSTR_VAL(name), ZSTR_LEN(name));
+ }
+ smart_str_0(&sname);
+ smart_str_0(&hname);
+
+ smart_str_append_smart_str(&url_app, &sname);
+ smart_str_appendc(&url_app, '=');
+ smart_str_0(&url_app);
+
+ smart_str_appends(&form_app, "<input type=\"hidden\" name=\"");
+ smart_str_append_smart_str(&form_app, &hname);
+ smart_str_appends(&form_app, "\" value=\"");
+ smart_str_0(&form_app);
+
+ /* Short circuit check. Only check url_app. */
+ start = (char *) php_memnstr(ZSTR_VAL(url_state->url_app.s),
+ ZSTR_VAL(url_app.s), ZSTR_LEN(url_app.s),
+ ZSTR_VAL(url_state->url_app.s) + ZSTR_LEN(url_state->url_app.s));
+ if (!start) {
+ ret = FAILURE;
+ goto finish;
+ }
+
+ /* Get end of url var */
+ limit = ZSTR_VAL(url_state->url_app.s) + ZSTR_LEN(url_state->url_app.s);
+ end = start + ZSTR_LEN(url_app.s);
+ separator_len = strlen(PG(arg_separator).output);
+ while (end < limit) {
+ if (!memcmp(end, PG(arg_separator).output, separator_len)) {
+ end += separator_len;
+ sep_removed = 1;
+ break;
+ }
+ end++;
+ }
+ /* Remove all when this is the only rewrite var */
+ if (ZSTR_LEN(url_state->url_app.s) == end - start) {
+ php_url_scanner_reset_vars_impl(type);
+ goto finish;
+ }
+ /* Check preceeding separator */
+ if (!sep_removed
+ && start - PG(arg_separator).output >= separator_len
+ && !memcmp(start - separator_len, PG(arg_separator).output, separator_len)) {
+ start -= separator_len;
+ }
+ /* Remove partially */
+ memmove(start, end,
+ ZSTR_LEN(url_state->url_app.s) - (end - ZSTR_VAL(url_state->url_app.s)));
+ ZSTR_LEN(url_state->url_app.s) -= end - start;
+ ZSTR_VAL(url_state->url_app.s)[ZSTR_LEN(url_state->url_app.s)] = '\0';
+
+ /* Remove form var */
+ start = (char *) php_memnstr(ZSTR_VAL(url_state->form_app.s),
+ ZSTR_VAL(form_app.s), ZSTR_LEN(form_app.s),
+ ZSTR_VAL(url_state->form_app.s) + ZSTR_LEN(url_state->form_app.s));
+ if (!start) {
+ /* Should not happen */
+ ret = FAILURE;
+ php_url_scanner_reset_vars_impl(type);
+ goto finish;
+ }
+ /* Get end of form var */
+ limit = ZSTR_VAL(url_state->form_app.s) + ZSTR_LEN(url_state->form_app.s);
+ end = start + ZSTR_LEN(form_app.s);
+ while (end < limit) {
+ if (*end == '>') {
+ end += 1;
+ break;
+ }
+ end++;
+ }
+ /* Remove partially */
+ memmove(start, end,
+ ZSTR_LEN(url_state->form_app.s) - (end - ZSTR_VAL(url_state->form_app.s)));
+ ZSTR_LEN(url_state->form_app.s) -= end - start;
+ ZSTR_VAL(url_state->form_app.s)[ZSTR_LEN(url_state->form_app.s)] = '\0';
+
+finish:
+ smart_str_free(&url_app);
+ smart_str_free(&form_app);
+ smart_str_free(&sname);
+ smart_str_free(&hname);
+ return ret;
+}
+
+
+PHPAPI int php_url_scanner_reset_session_var(zend_string *name, int encode)
+{
+ return php_url_scanner_reset_var_impl(name, encode, 1);
+}
+
+
+PHPAPI int php_url_scanner_reset_var(zend_string *name, int encode)
+{
+ return php_url_scanner_reset_var_impl(name, encode, 0);
+}
+
+
PHP_MINIT_FUNCTION(url_scanner)
{
- BG(url_adapt_state_ex).tags = NULL;
+ BG(url_adapt_session_ex).tags = NULL;
+ BG(url_adapt_session_ex).form_app.s = BG(url_adapt_session_ex).url_app.s = NULL;
+ zend_hash_init(&BG(url_adapt_session_hosts_ht), 0, NULL, NULL, 1);
- BG(url_adapt_state_ex).form_app.s = BG(url_adapt_state_ex).url_app.s = NULL;
+ BG(url_adapt_output_ex).tags = NULL;
+ BG(url_adapt_output_ex).form_app.s = BG(url_adapt_output_ex).url_app.s = NULL;
+ zend_hash_init(&BG(url_adapt_output_hosts_ht), 0, NULL, NULL, 1);
+
+ BG(url_adapt_session_ex).type = 1;
+ BG(url_adapt_output_ex).type = 0;
REGISTER_INI_ENTRIES();
return SUCCESS;
PHP_RINIT_FUNCTION(url_scanner)
{
- BG(url_adapt_state_ex).active = 0;
-
+ BG(url_adapt_session_ex).active = 0;
+ BG(url_adapt_session_ex).tag_type = 0;
+ BG(url_adapt_session_ex).attr_type = 0;
+ BG(url_adapt_output_ex).active = 0;
+ BG(url_adapt_output_ex).tag_type = 0;
+ BG(url_adapt_output_ex).attr_type = 0;
return SUCCESS;
}
PHP_RSHUTDOWN_FUNCTION(url_scanner)
{
- if (BG(url_adapt_state_ex).active) {
- php_url_scanner_ex_deactivate();
- BG(url_adapt_state_ex).active = 0;
+ if (BG(url_adapt_session_ex).active) {
+ php_url_scanner_ex_deactivate(1);
+ BG(url_adapt_session_ex).active = 0;
+ BG(url_adapt_session_ex).tag_type = 0;
+ BG(url_adapt_session_ex).attr_type = 0;
}
-
- smart_str_free(&BG(url_adapt_state_ex).form_app);
- smart_str_free(&BG(url_adapt_state_ex).url_app);
+ smart_str_free(&BG(url_adapt_session_ex).form_app);
+ smart_str_free(&BG(url_adapt_session_ex).url_app);
+
+ if (BG(url_adapt_output_ex).active) {
+ php_url_scanner_ex_deactivate(0);
+ BG(url_adapt_output_ex).active = 0;
+ BG(url_adapt_output_ex).tag_type = 0;
+ BG(url_adapt_output_ex).attr_type = 0;
+ }
+ smart_str_free(&BG(url_adapt_output_ex).form_app);
+ smart_str_free(&BG(url_adapt_output_ex).url_app);
return SUCCESS;
}
PHP_RINIT_FUNCTION(url_scanner_ex);
PHP_RSHUTDOWN_FUNCTION(url_scanner_ex);
-PHPAPI char *php_url_scanner_adapt_single_url(const char *url, size_t urllen, const char *name, const char *value, size_t *newlen, int urlencode);
-PHPAPI int php_url_scanner_add_var(char *name, size_t name_len, char *value, size_t value_len, int urlencode);
+PHPAPI char *php_url_scanner_adapt_single_url(const char *url, size_t urllen, const char *name, const char *value, size_t *newlen, int encode);
+PHPAPI int php_url_scanner_add_session_var(char *name, size_t name_len, char *value, size_t value_len, int encode);
+PHPAPI int php_url_scanner_reset_session_var(zend_string *name, int encode);
+PHPAPI int php_url_scanner_reset_session_vars(void);
+PHPAPI int php_url_scanner_add_var(char *name, size_t name_len, char *value, size_t value_len, int encode);
+PHPAPI int php_url_scanner_reset_var(zend_string *name, int encode);
PHPAPI int php_url_scanner_reset_vars(void);
#include "zend_smart_str_public.h"
char *lookup_data;
int state;
+ int type;
+ smart_str attr_val;
+ int tag_type;
+ int attr_type;
+
/* Everything above is zeroed in RINIT */
HashTable *tags;
} url_adapt_state_ex_t;
| license@php.net so we can mail you a copy immediately. |
+----------------------------------------------------------------------+
| Author: Sascha Schumann <sascha@schumann.cx> |
+ | Yasuo Ohgaki <yohgaki@ohgaki.net> |
+----------------------------------------------------------------------+
*/
#include <stdlib.h>
#include <string.h>
+#include "SAPI.h"
#include "php_ini.h"
#include "php_globals.h"
+#include "php_string.h"
#define STATE_TAG SOME_OTHER_STATE_TAG
#include "basic_functions.h"
#include "url.h"
+#include "html.h"
#undef STATE_TAG
#define url_scanner url_scanner_ex
free(Z_PTR_P(zv));
}
-static PHP_INI_MH(OnUpdateTags)
+static int php_ini_on_update_tags(zend_ini_entry *entry, zend_string *new_value, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage, int type)
{
url_adapt_state_ex_t *ctx;
char *key;
char *tmp;
char *lasts = NULL;
- ctx = &BG(url_adapt_state_ex);
+ if (type) {
+ ctx = &BG(url_adapt_session_ex);
+ } else {
+ ctx = &BG(url_adapt_output_ex);
+ }
tmp = estrndup(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
zend_hash_init(ctx->tags, 0, NULL, tag_dtor, 1);
for (key = php_strtok_r(tmp, ",", &lasts);
- key;
- key = php_strtok_r(NULL, ",", &lasts)) {
+ key;
+ key = php_strtok_r(NULL, ",", &lasts)) {
char *val;
val = strchr(key, '=');
size_t keylen;
*val++ = '\0';
- for (q = key; *q; q++)
+ for (q = key; *q; q++) {
*q = tolower(*q);
+ }
keylen = q - key;
- /* key is stored withOUT NUL
- val is stored WITH NUL */
zend_hash_str_add_mem(ctx->tags, key, keylen, val, strlen(val)+1);
}
}
return SUCCESS;
}
+static PHP_INI_MH(OnUpdateSessionTags)
+{
+ return php_ini_on_update_tags(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 1);
+}
+
+static PHP_INI_MH(OnUpdateOutputTags)
+{
+ return php_ini_on_update_tags(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 0);
+}
+
+static int php_ini_on_update_hosts(zend_ini_entry *entry, zend_string *new_value, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage, int type)
+{
+ HashTable *hosts;
+ char *key;
+ char *tmp;
+ char *lasts = NULL;
+
+ if (type) {
+ hosts = &BG(url_adapt_session_hosts_ht);
+ } else {
+ hosts = &BG(url_adapt_output_hosts_ht);
+ }
+ zend_hash_clean(hosts);
+
+ /* Use user supplied host whitelist */
+ tmp = estrndup(ZSTR_VAL(new_value), ZSTR_LEN(new_value));
+ for (key = php_strtok_r(tmp, ",", &lasts);
+ key;
+ key = php_strtok_r(NULL, ",", &lasts)) {
+ size_t keylen;
+ zend_string *tmp_key;
+ char *q;
+
+ for (q = key; *q; q++) {
+ *q = tolower(*q);
+ }
+ keylen = q - key;
+ if (keylen > 0) {
+ tmp_key = zend_string_init(key, keylen, 0);
+ zend_hash_add_empty_element(hosts, tmp_key);
+ zend_string_release(tmp_key);
+ }
+ }
+ efree(tmp);
+
+ return SUCCESS;
+}
+
+static PHP_INI_MH(OnUpdateSessionHosts)
+{
+ return php_ini_on_update_hosts(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 1);
+}
+
+static PHP_INI_MH(OnUpdateOutputHosts)
+{
+ return php_ini_on_update_hosts(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage, 0);
+}
+
+/* FIXME: OnUpdate*Hosts cannot set default to $_SERVER['HTTP_HOST'] at startup */
PHP_INI_BEGIN()
- STD_PHP_INI_ENTRY("url_rewriter.tags", "a=href,area=href,frame=src,form=,fieldset=", PHP_INI_ALL, OnUpdateTags, url_adapt_state_ex, php_basic_globals, basic_globals)
+ STD_PHP_INI_ENTRY("session.trans_sid_tags", "a=href,area=href,frame=src,form=", PHP_INI_ALL, OnUpdateSessionTags, url_adapt_session_ex, php_basic_globals, basic_globals)
+ STD_PHP_INI_ENTRY("session.trans_sid_hosts", "", PHP_INI_ALL, OnUpdateSessionHosts, url_adapt_session_hosts_ht, php_basic_globals, basic_globals)
+ STD_PHP_INI_ENTRY("url_rewriter.tags", "form=", PHP_INI_ALL, OnUpdateOutputTags, url_adapt_session_ex, php_basic_globals, basic_globals)
+ STD_PHP_INI_ENTRY("url_rewriter.hosts", "", PHP_INI_ALL, OnUpdateOutputHosts, url_adapt_session_hosts_ht, php_basic_globals, basic_globals)
PHP_INI_END()
/*!re2c
static inline void append_modified_url(smart_str *url, smart_str *dest, smart_str *url_app, const char *separator)
{
- register const char *p, *q;
- const char *bash = NULL;
- const char *sep = "?";
+ php_url *url_parts;
+ char *tmp;
+ size_t tmp_len;
- q = (p = ZSTR_VAL(url->s)) + ZSTR_LEN(url->s);
+ smart_str_0(url); /* FIXME: Bug #70480 php_url_parse_ex() crashes by processing chars exceed len */
+ url_parts = php_url_parse_ex(ZSTR_VAL(url->s), ZSTR_LEN(url->s));
-scan:
-/*!re2c
- ":" { smart_str_append_smart_str(dest, url); return; }
- "?" { sep = separator; goto scan; }
- "#" { bash = p - 1; goto done; }
- (any\[:?#])+ { goto scan; }
-*/
-done:
+ /* Ignore malformed URLs */
+ if (!url_parts) {
+ smart_str_append_smart_str(dest, url);
+ return;
+ }
- /* Don't modify URLs of the format "#mark" */
- if (bash && bash - ZSTR_VAL(url->s) == 0) {
+ /* Check protocol. Only http/https is allowed. */
+ if (url_parts->scheme
+ && strcasecmp("http", url_parts->scheme)
+ && strcasecmp("https", url_parts->scheme)) {
smart_str_append_smart_str(dest, url);
+ php_url_free(url_parts);
return;
}
- if (bash)
- smart_str_appendl(dest, ZSTR_VAL(url->s), bash - ZSTR_VAL(url->s));
- else
+ /* Check host whitelist. If it's not listed, do nothing. */
+ if (url_parts->host
+ && (tmp_len = strlen(url_parts->host))
+ && (tmp = php_strtolower(url_parts->host, tmp_len))
+ && !zend_hash_str_find(&BG(url_adapt_session_hosts_ht), tmp, tmp_len)) {
smart_str_append_smart_str(dest, url);
+ php_url_free(url_parts);
+ return;
+ }
- smart_str_appends(dest, sep);
- smart_str_append_smart_str(dest, url_app);
+ /*
+ * When URL does not have path and query string add "/?".
+ * i.e. If URL is only "?foo=bar", should not add "/?".
+ */
+ if (!url_parts->path && !url_parts->query) {
+ /* URL is http://php.net or like */
+ smart_str_append_smart_str(dest, url);
+ smart_str_appendc(dest, '/');
+ smart_str_appendc(dest, '?');
+ smart_str_append_smart_str(dest, url_app);
+ /* There should not be fragment. Just return */
+ php_url_free(url_parts);
+ return;
+ }
- if (bash)
- smart_str_appendl(dest, bash, q - bash);
+ if (url_parts->scheme) {
+ smart_str_appends(dest, url_parts->scheme);
+ smart_str_appends(dest, "://");
+ } else if (*(ZSTR_VAL(url->s)) == '/' && *(ZSTR_VAL(url->s)+1) == '/') {
+ smart_str_appends(dest, "//");
+ }
+ if (url_parts->user) {
+ smart_str_appends(dest, url_parts->user);
+ if (url_parts->pass) {
+ smart_str_appends(dest, url_parts->pass);
+ smart_str_appendc(dest, ':');
+ }
+ smart_str_appendc(dest, '@');
+ }
+ if (url_parts->host) {
+ smart_str_appends(dest, url_parts->host);
+ }
+ if (url_parts->port) {
+ smart_str_appendc(dest, ':');
+ smart_str_append_unsigned(dest, (long)url_parts->port);
+ }
+ if (url_parts->path) {
+ smart_str_appends(dest, url_parts->path);
+ }
+ smart_str_appendc(dest, '?');
+ if (url_parts->query) {
+ smart_str_appends(dest, url_parts->query);
+ smart_str_appends(dest, separator);
+ smart_str_append_smart_str(dest, url_app);
+ } else {
+ smart_str_append_smart_str(dest, url_app);
+ }
+ if (url_parts->fragment) {
+ smart_str_appendc(dest, '#');
+ smart_str_appends(dest, url_parts->fragment);
+ }
+ php_url_free(url_parts);
}
+enum {
+ TAG_NORMAL = 0,
+ TAG_FORM
+};
+
+enum {
+ ATTR_NORMAL = 0,
+ ATTR_ACTION
+};
#undef YYFILL
#undef YYCTYPE
{
char f = 0;
- if (strncasecmp(ZSTR_VAL(ctx->arg.s), ctx->lookup_data, ZSTR_LEN(ctx->arg.s)) == 0)
+ /* arg.s is string WITHOUT NUL.
+ To avoid partial match, NUL is added here */
+ ZSTR_VAL(ctx->arg.s)[ZSTR_LEN(ctx->arg.s)] = '\0';
+ if (!strcasecmp(ZSTR_VAL(ctx->arg.s), ctx->lookup_data)) {
f = 1;
+ }
- if (quotes)
+ if (quotes) {
smart_str_appendc(&ctx->result, type);
+ }
if (f) {
append_modified_url(&ctx->val, &ctx->result, &ctx->url_app, PG(arg_separator).output);
} else {
smart_str_append_smart_str(&ctx->result, &ctx->val);
}
- if (quotes)
+ if (quotes) {
smart_str_appendc(&ctx->result, type);
+ }
}
enum {
smart_str_appendl(&ctx->result, start, YYCURSOR - start);
}
+
+static int check_http_host(char *target)
+{
+ zval *host, *tmp;
+ zend_string *host_tmp;
+ char *colon;
+
+ if ((tmp = zend_hash_str_find(&EG(symbol_table), ZEND_STRL("_SERVER"))) &&
+ (host = zend_hash_str_find(Z_ARRVAL_P(tmp), ZEND_STRL("HTTP_HOST"))) &&
+ Z_TYPE_P(host) == IS_STRING) {
+ host_tmp = zend_string_init(Z_STRVAL_P(host), Z_STRLEN_P(host), 0);
+ /* HTTP_HOST could be 'localhost:8888' etc. */
+ colon = strchr(ZSTR_VAL(host_tmp), ':');
+ if (colon) {
+ ZSTR_LEN(host_tmp) = colon - ZSTR_VAL(host_tmp);
+ ZSTR_VAL(host_tmp)[ZSTR_LEN(host_tmp)] = '\0';
+ }
+ if (!strcasecmp(ZSTR_VAL(host_tmp), target)) {
+ zend_string_release(host_tmp);
+ return SUCCESS;
+ }
+ zend_string_release(host_tmp);
+ }
+ return FAILURE;
+}
+
+static int check_host_whitelist(url_adapt_state_ex_t *ctx)
+{
+ php_url *url_parts = NULL;
+ HashTable *allowed_hosts = ctx->type ? &BG(url_adapt_session_hosts_ht) : &BG(url_adapt_output_hosts_ht);
+
+ ZEND_ASSERT(ctx->tag_type == TAG_FORM);
+
+ if (ctx->attr_val.s && ZSTR_LEN(ctx->attr_val.s)) {
+ url_parts = php_url_parse_ex(ZSTR_VAL(ctx->attr_val.s), ZSTR_LEN(ctx->attr_val.s));
+ } else {
+ return SUCCESS; /* empty URL is valid */
+ }
+
+ if (!url_parts) {
+ return FAILURE;
+ }
+ if (url_parts->scheme) {
+ /* Only http/https should be handled.
+ A bit hacky check this here, but saves a URL parse. */
+ if (strcasecmp(url_parts->scheme, "http") &&
+ strcasecmp(url_parts->scheme, "https")) {
+ php_url_free(url_parts);
+ return FAILURE;
+ }
+ }
+ if (!url_parts->host) {
+ php_url_free(url_parts);
+ return SUCCESS;
+ }
+ if (!zend_hash_num_elements(allowed_hosts) &&
+ check_http_host(url_parts->host) == SUCCESS) {
+ php_url_free(url_parts);
+ return SUCCESS;
+ }
+ if (!zend_hash_str_find(allowed_hosts,
+ url_parts->host,
+ strlen(url_parts->host))) {
+ php_url_free(url_parts);
+ return FAILURE;
+ }
+ php_url_free(url_parts);
+ return SUCCESS;
+}
+
/*
- * This function appends a hidden input field after a <form> or
- * <fieldset>. The latter is important for XHTML.
+ * This function appends a hidden input field after a <form>.
*/
-
static void handle_form(STD_PARA)
{
int doit = 0;
if (ZSTR_LEN(ctx->form_app.s) > 0) {
switch (ZSTR_LEN(ctx->tag.s)) {
case sizeof("form") - 1:
- if (!strncasecmp(ZSTR_VAL(ctx->tag.s), "form", sizeof("form") - 1)) {
- doit = 1;
- }
- if (doit && ctx->val.s && ctx->lookup_data && *ctx->lookup_data) {
- char *e, *p = (char *)zend_memnstr(ZSTR_VAL(ctx->val.s), "://", sizeof("://") - 1, ZSTR_VAL(ctx->val.s) + ZSTR_LEN(ctx->val.s));
- if (p) {
- e = memchr(p, '/', (ZSTR_VAL(ctx->val.s) + ZSTR_LEN(ctx->val.s)) - p);
- if (!e) {
- e = ZSTR_VAL(ctx->val.s) + ZSTR_LEN(ctx->val.s);
- }
- if ((e - p) && strncasecmp(p, ctx->lookup_data, (e - p))) {
- doit = 0;
- }
- }
- }
- break;
-
- case sizeof("fieldset") - 1:
- if (!strncasecmp(ZSTR_VAL(ctx->tag.s), "fieldset", sizeof("fieldset") - 1)) {
+ if (!strncasecmp(ZSTR_VAL(ctx->tag.s), "form", ZSTR_LEN(ctx->tag.s))
+ && check_host_whitelist(ctx) == SUCCESS) {
doit = 1;
}
break;
}
+ }
- if (doit)
- smart_str_append_smart_str(&ctx->result, &ctx->form_app);
+ if (doit) {
+ smart_str_append_smart_str(&ctx->result, &ctx->form_app);
}
}
for (i = 0; i < ZSTR_LEN(ctx->tag.s); i++)
ZSTR_VAL(ctx->tag.s)[i] = tolower((int)(unsigned char)ZSTR_VAL(ctx->tag.s)[i]);
/* intentionally using str_find here, in case the hash value is set, but the string val is changed later */
- if ((ctx->lookup_data = zend_hash_str_find_ptr(ctx->tags, ZSTR_VAL(ctx->tag.s), ZSTR_LEN(ctx->tag.s))) != NULL)
+ if ((ctx->lookup_data = zend_hash_str_find_ptr(ctx->tags, ZSTR_VAL(ctx->tag.s), ZSTR_LEN(ctx->tag.s))) != NULL) {
ok = 1;
+ if (ZSTR_LEN(ctx->tag.s) == sizeof("form")-1
+ && !strncasecmp(ZSTR_VAL(ctx->tag.s), "form", ZSTR_LEN(ctx->tag.s))) {
+ ctx->tag_type = TAG_FORM;
+ } else {
+ ctx->tag_type = TAG_NORMAL;
+ }
+ }
STATE = ok ? STATE_NEXT_ARG : STATE_PLAIN;
}
ZSTR_LEN(ctx->arg.s) = 0;
}
smart_str_appendl(&ctx->arg, start, YYCURSOR - start);
+ if (ctx->tag_type == TAG_FORM &&
+ strncasecmp(ZSTR_VAL(ctx->arg.s), "action", ZSTR_LEN(ctx->arg.s)) == 0) {
+ ctx->attr_type = ATTR_ACTION;
+ } else {
+ ctx->attr_type = ATTR_NORMAL;
+ }
}
static inline void handle_val(STD_PARA, char quotes, char type)
{
smart_str_setl(&ctx->val, start + quotes, YYCURSOR - start - quotes * 2);
+ if (ctx->tag_type == TAG_FORM && ctx->attr_type == ATTR_ACTION) {
+ smart_str_setl(&ctx->attr_val, start + quotes, YYCURSOR - start - quotes * 2);
+ }
tag_arg(ctx, quotes, type);
}
}
-PHPAPI char *php_url_scanner_adapt_single_url(const char *url, size_t urllen, const char *name, const char *value, size_t *newlen, int urlencode)
+PHPAPI char *php_url_scanner_adapt_single_url(const char *url, size_t urllen, const char *name, const char *value, size_t *newlen, int encode)
{
char *result;
smart_str surl = {0};
smart_str_appendl(&surl, url, urllen);
- if (urlencode) {
+ if (encode) {
encoded = php_raw_url_encode(name, strlen(name));
smart_str_appendl(&url_app, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
zend_string_free(encoded);
smart_str_appends(&url_app, name);
}
smart_str_appendc(&url_app, '=');
- if (urlencode) {
+ if (encode) {
encoded = php_raw_url_encode(value, strlen(value));
smart_str_appendl(&url_app, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
zend_string_free(encoded);
}
-static char *url_adapt_ext(const char *src, size_t srclen, size_t *newlen, zend_bool do_flush)
+static char *url_adapt_ext(const char *src, size_t srclen, size_t *newlen, zend_bool do_flush, url_adapt_state_ex_t *ctx)
{
- url_adapt_state_ex_t *ctx;
char *retval;
- ctx = &BG(url_adapt_state_ex);
-
xx_mainloop(ctx, src, srclen);
if (!ctx->result.s) {
*newlen += ZSTR_LEN(ctx->buf.s);
smart_str_free(&ctx->buf);
smart_str_free(&ctx->val);
+ smart_str_free(&ctx->attr_val);
}
retval = estrndup(ZSTR_VAL(ctx->result.s), ZSTR_LEN(ctx->result.s));
smart_str_free(&ctx->result);
return retval;
}
-static int php_url_scanner_ex_activate(void)
+static int php_url_scanner_ex_activate(int type)
{
url_adapt_state_ex_t *ctx;
- ctx = &BG(url_adapt_state_ex);
+ if (type) {
+ ctx = &BG(url_adapt_session_ex);
+ } else {
+ ctx = &BG(url_adapt_output_ex);
+ }
memset(ctx, 0, ((size_t) &((url_adapt_state_ex_t *)0)->tags));
return SUCCESS;
}
-static int php_url_scanner_ex_deactivate(void)
+static int php_url_scanner_ex_deactivate(int type)
{
url_adapt_state_ex_t *ctx;
- ctx = &BG(url_adapt_state_ex);
+ if (type) {
+ ctx = &BG(url_adapt_session_ex);
+ } else {
+ ctx = &BG(url_adapt_output_ex);
+ }
smart_str_free(&ctx->result);
smart_str_free(&ctx->buf);
smart_str_free(&ctx->tag);
smart_str_free(&ctx->arg);
+ smart_str_free(&ctx->attr_val);
return SUCCESS;
}
-static void php_url_scanner_output_handler(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode)
+static inline void php_url_scanner_session_handler_impl(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode, int type)
{
size_t len;
+ url_adapt_state_ex_t *url_state;
+
+ if (type) {
+ url_state = &BG(url_adapt_session_ex);
+ } else {
+ url_state = &BG(url_adapt_output_ex);
+ }
- if (ZSTR_LEN(BG(url_adapt_state_ex).url_app.s) != 0) {
- *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) (mode & (PHP_OUTPUT_HANDLER_END | PHP_OUTPUT_HANDLER_CONT | PHP_OUTPUT_HANDLER_FLUSH | PHP_OUTPUT_HANDLER_FINAL) ? 1 : 0));
+ if (ZSTR_LEN(url_state->url_app.s) != 0) {
+ *handled_output = url_adapt_ext(output, output_len, &len, (zend_bool) (mode & (PHP_OUTPUT_HANDLER_END | PHP_OUTPUT_HANDLER_CONT | PHP_OUTPUT_HANDLER_FLUSH | PHP_OUTPUT_HANDLER_FINAL) ? 1 : 0), url_state);
if (sizeof(uint) < sizeof(size_t)) {
if (len > UINT_MAX)
len = UINT_MAX;
}
*handled_output_len = len;
- } else if (ZSTR_LEN(BG(url_adapt_state_ex).url_app.s) == 0) {
- url_adapt_state_ex_t *ctx = &BG(url_adapt_state_ex);
+ } else if (ZSTR_LEN(url_state->url_app.s) == 0) {
+ url_adapt_state_ex_t *ctx = url_state;
if (ctx->buf.s && ZSTR_LEN(ctx->buf.s)) {
smart_str_append(&ctx->result, ctx->buf.s);
smart_str_appendl(&ctx->result, output, output_len);
}
}
-PHPAPI int php_url_scanner_add_var(char *name, size_t name_len, char *value, size_t value_len, int urlencode)
+static void php_url_scanner_session_handler(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode)
+{
+ php_url_scanner_session_handler_impl(output, output_len, handled_output, handled_output_len, mode, 1);
+}
+
+static void php_url_scanner_output_handler(char *output, size_t output_len, char **handled_output, size_t *handled_output_len, int mode)
+{
+ php_url_scanner_session_handler_impl(output, output_len, handled_output, handled_output_len, mode, 0);
+}
+
+static inline int php_url_scanner_add_var_impl(char *name, size_t name_len, char *value, size_t value_len, int encode, int type)
{
smart_str sname = {0};
smart_str svalue = {0};
+ smart_str hname = {0};
+ smart_str hvalue = {0};
zend_string *encoded;
+ url_adapt_state_ex_t *url_state;
+ php_output_handler_func_t handler;
- if (!BG(url_adapt_state_ex).active) {
- php_url_scanner_ex_activate();
- php_output_start_internal(ZEND_STRL("URL-Rewriter"), php_url_scanner_output_handler, 0, PHP_OUTPUT_HANDLER_STDFLAGS);
- BG(url_adapt_state_ex).active = 1;
+ if (type) {
+ url_state = &BG(url_adapt_session_ex);
+ handler = php_url_scanner_session_handler;
+ } else {
+ url_state = &BG(url_adapt_output_ex);
+ handler = php_url_scanner_output_handler;
}
- if (BG(url_adapt_state_ex).url_app.s && ZSTR_LEN(BG(url_adapt_state_ex).url_app.s) != 0) {
- smart_str_appends(&BG(url_adapt_state_ex).url_app, PG(arg_separator).output);
+ if (!url_state->active) {
+ php_url_scanner_ex_activate(type);
+ php_output_start_internal(ZEND_STRL("URL-Rewriter"), handler, 0, PHP_OUTPUT_HANDLER_STDFLAGS);
+ url_state->active = 1;
}
- if (urlencode) {
+ if (url_state->url_app.s && ZSTR_LEN(url_state->url_app.s) != 0) {
+ smart_str_appends(&url_state->url_app, PG(arg_separator).output);
+ }
+
+ if (encode) {
encoded = php_raw_url_encode(name, name_len);
- smart_str_appendl(&sname, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
- zend_string_free(encoded);
+ smart_str_appendl(&sname, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
encoded = php_raw_url_encode(value, value_len);
- smart_str_appendl(&svalue, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
- zend_string_free(encoded);
+ smart_str_appendl(&svalue, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
+ encoded = php_escape_html_entities_ex((unsigned char*)name, name_len, 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
+ smart_str_appendl(&hname, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
+ encoded = php_escape_html_entities_ex((unsigned char*)value, value_len, 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
+ smart_str_appendl(&hvalue, ZSTR_VAL(encoded), ZSTR_LEN(encoded)); zend_string_free(encoded);
} else {
smart_str_appendl(&sname, name, name_len);
smart_str_appendl(&svalue, value, value_len);
+ smart_str_appendl(&hname, name, name_len);
+ smart_str_appendl(&hvalue, value, value_len);
}
- smart_str_append_smart_str(&BG(url_adapt_state_ex).url_app, &sname);
- smart_str_appendc(&BG(url_adapt_state_ex).url_app, '=');
- smart_str_append_smart_str(&BG(url_adapt_state_ex).url_app, &svalue);
+ smart_str_append_smart_str(&url_state->url_app, &sname);
+ smart_str_appendc(&url_state->url_app, '=');
+ smart_str_append_smart_str(&url_state->url_app, &svalue);
- smart_str_appends(&BG(url_adapt_state_ex).form_app, "<input type=\"hidden\" name=\"");
- smart_str_append_smart_str(&BG(url_adapt_state_ex).form_app, &sname);
- smart_str_appends(&BG(url_adapt_state_ex).form_app, "\" value=\"");
- smart_str_append_smart_str(&BG(url_adapt_state_ex).form_app, &svalue);
- smart_str_appends(&BG(url_adapt_state_ex).form_app, "\" />");
+ smart_str_appends(&url_state->form_app, "<input type=\"hidden\" name=\"");
+ smart_str_append_smart_str(&url_state->form_app, &hname);
+ smart_str_appends(&url_state->form_app, "\" value=\"");
+ smart_str_append_smart_str(&url_state->form_app, &hvalue);
+ smart_str_appends(&url_state->form_app, "\" />");
smart_str_free(&sname);
smart_str_free(&svalue);
+ smart_str_free(&hname);
+ smart_str_free(&hvalue);
return SUCCESS;
}
-PHPAPI int php_url_scanner_reset_vars(void)
+
+PHPAPI int php_url_scanner_add_session_var(char *name, size_t name_len, char *value, size_t value_len, int encode)
+{
+ return php_url_scanner_add_var_impl(name, name_len, value, value_len, encode, 1);
+}
+
+
+PHPAPI int php_url_scanner_add_var(char *name, size_t name_len, char *value, size_t value_len, int encode)
{
- if (BG(url_adapt_state_ex).form_app.s) {
- ZSTR_LEN(BG(url_adapt_state_ex).form_app.s) = 0;
+ return php_url_scanner_add_var_impl(name, name_len, value, value_len, encode, 0);
+}
+
+
+static inline void php_url_scanner_reset_vars_impl(int type) {
+ url_adapt_state_ex_t *url_state;
+
+ if (type) {
+ url_state = &BG(url_adapt_session_ex);
+ } else {
+ url_state = &BG(url_adapt_output_ex);
+ }
+
+ if (url_state->form_app.s) {
+ ZSTR_LEN(url_state->form_app.s) = 0;
}
- if (BG(url_adapt_state_ex).url_app.s) {
- ZSTR_LEN(BG(url_adapt_state_ex).url_app.s) = 0;
+ if (url_state->url_app.s) {
+ ZSTR_LEN(url_state->url_app.s) = 0;
}
+}
+
+PHPAPI int php_url_scanner_reset_session_vars(void)
+{
+ php_url_scanner_reset_vars_impl(1);
+ return SUCCESS;
+}
+
+
+PHPAPI int php_url_scanner_reset_vars(void)
+{
+ php_url_scanner_reset_vars_impl(0);
return SUCCESS;
}
+
+static inline int php_url_scanner_reset_var_impl(zend_string *name, int encode, int type)
+{
+ char *start, *end, *limit;
+ size_t separator_len;
+ smart_str sname = {0};
+ smart_str hname = {0};
+ smart_str url_app = {0};
+ smart_str form_app = {0};
+ zend_string *encoded;
+ int ret = SUCCESS;
+ zend_bool sep_removed = 0;
+ url_adapt_state_ex_t *url_state;
+
+ if (type) {
+ url_state = &BG(url_adapt_session_ex);
+ } else {
+ url_state = &BG(url_adapt_output_ex);
+ }
+
+ /* Short circuit check. Only check url_app. */
+ if (!url_state->url_app.s || !ZSTR_LEN(url_state->url_app.s)) {
+ return SUCCESS;
+ }
+
+ if (encode) {
+ encoded = php_raw_url_encode(ZSTR_VAL(name), ZSTR_LEN(name));
+ smart_str_appendl(&sname, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
+ zend_string_free(encoded);
+ encoded = php_escape_html_entities_ex((unsigned char *)ZSTR_VAL(name), ZSTR_LEN(name), 0, ENT_QUOTES|ENT_SUBSTITUTE, SG(default_charset), 0);
+ smart_str_appendl(&hname, ZSTR_VAL(encoded), ZSTR_LEN(encoded));
+ zend_string_free(encoded);
+ } else {
+ smart_str_appendl(&sname, ZSTR_VAL(name), ZSTR_LEN(name));
+ smart_str_appendl(&hname, ZSTR_VAL(name), ZSTR_LEN(name));
+ }
+ smart_str_0(&sname);
+ smart_str_0(&hname);
+
+ smart_str_append_smart_str(&url_app, &sname);
+ smart_str_appendc(&url_app, '=');
+ smart_str_0(&url_app);
+
+ smart_str_appends(&form_app, "<input type=\"hidden\" name=\"");
+ smart_str_append_smart_str(&form_app, &hname);
+ smart_str_appends(&form_app, "\" value=\"");
+ smart_str_0(&form_app);
+
+ /* Short circuit check. Only check url_app. */
+ start = (char *) php_memnstr(ZSTR_VAL(url_state->url_app.s),
+ ZSTR_VAL(url_app.s), ZSTR_LEN(url_app.s),
+ ZSTR_VAL(url_state->url_app.s) + ZSTR_LEN(url_state->url_app.s));
+ if (!start) {
+ ret = FAILURE;
+ goto finish;
+ }
+
+ /* Get end of url var */
+ limit = ZSTR_VAL(url_state->url_app.s) + ZSTR_LEN(url_state->url_app.s);
+ end = start + ZSTR_LEN(url_app.s);
+ separator_len = strlen(PG(arg_separator).output);
+ while (end < limit) {
+ if (!memcmp(end, PG(arg_separator).output, separator_len)) {
+ end += separator_len;
+ sep_removed = 1;
+ break;
+ }
+ end++;
+ }
+ /* Remove all when this is the only rewrite var */
+ if (ZSTR_LEN(url_state->url_app.s) == end - start) {
+ php_url_scanner_reset_vars_impl(type);
+ goto finish;
+ }
+ /* Check preceeding separator */
+ if (!sep_removed
+ && start - PG(arg_separator).output >= separator_len
+ && !memcmp(start - separator_len, PG(arg_separator).output, separator_len)) {
+ start -= separator_len;
+ }
+ /* Remove partially */
+ memmove(start, end,
+ ZSTR_LEN(url_state->url_app.s) - (end - ZSTR_VAL(url_state->url_app.s)));
+ ZSTR_LEN(url_state->url_app.s) -= end - start;
+ ZSTR_VAL(url_state->url_app.s)[ZSTR_LEN(url_state->url_app.s)] = '\0';
+
+ /* Remove form var */
+ start = (char *) php_memnstr(ZSTR_VAL(url_state->form_app.s),
+ ZSTR_VAL(form_app.s), ZSTR_LEN(form_app.s),
+ ZSTR_VAL(url_state->form_app.s) + ZSTR_LEN(url_state->form_app.s));
+ if (!start) {
+ /* Should not happen */
+ ret = FAILURE;
+ php_url_scanner_reset_vars_impl(type);
+ goto finish;
+ }
+ /* Get end of form var */
+ limit = ZSTR_VAL(url_state->form_app.s) + ZSTR_LEN(url_state->form_app.s);
+ end = start + ZSTR_LEN(form_app.s);
+ while (end < limit) {
+ if (*end == '>') {
+ end += 1;
+ break;
+ }
+ end++;
+ }
+ /* Remove partially */
+ memmove(start, end,
+ ZSTR_LEN(url_state->form_app.s) - (end - ZSTR_VAL(url_state->form_app.s)));
+ ZSTR_LEN(url_state->form_app.s) -= end - start;
+ ZSTR_VAL(url_state->form_app.s)[ZSTR_LEN(url_state->form_app.s)] = '\0';
+
+finish:
+ smart_str_free(&url_app);
+ smart_str_free(&form_app);
+ smart_str_free(&sname);
+ smart_str_free(&hname);
+ return ret;
+}
+
+
+PHPAPI int php_url_scanner_reset_session_var(zend_string *name, int encode)
+{
+ return php_url_scanner_reset_var_impl(name, encode, 1);
+}
+
+
+PHPAPI int php_url_scanner_reset_var(zend_string *name, int encode)
+{
+ return php_url_scanner_reset_var_impl(name, encode, 0);
+}
+
+
PHP_MINIT_FUNCTION(url_scanner)
{
- BG(url_adapt_state_ex).tags = NULL;
+ BG(url_adapt_session_ex).tags = NULL;
+ BG(url_adapt_session_ex).form_app.s = BG(url_adapt_session_ex).url_app.s = NULL;
+ zend_hash_init(&BG(url_adapt_session_hosts_ht), 0, NULL, NULL, 1);
+
+ BG(url_adapt_output_ex).tags = NULL;
+ BG(url_adapt_output_ex).form_app.s = BG(url_adapt_output_ex).url_app.s = NULL;
+ zend_hash_init(&BG(url_adapt_output_hosts_ht), 0, NULL, NULL, 1);
- BG(url_adapt_state_ex).form_app.s = BG(url_adapt_state_ex).url_app.s = NULL;
+ BG(url_adapt_session_ex).type = 1;
+ BG(url_adapt_output_ex).type = 0;
REGISTER_INI_ENTRIES();
return SUCCESS;
PHP_RINIT_FUNCTION(url_scanner)
{
- BG(url_adapt_state_ex).active = 0;
-
+ BG(url_adapt_session_ex).active = 0;
+ BG(url_adapt_session_ex).tag_type = 0;
+ BG(url_adapt_session_ex).attr_type = 0;
+ BG(url_adapt_output_ex).active = 0;
+ BG(url_adapt_output_ex).tag_type = 0;
+ BG(url_adapt_output_ex).attr_type = 0;
return SUCCESS;
}
PHP_RSHUTDOWN_FUNCTION(url_scanner)
{
- if (BG(url_adapt_state_ex).active) {
- php_url_scanner_ex_deactivate();
- BG(url_adapt_state_ex).active = 0;
+ if (BG(url_adapt_session_ex).active) {
+ php_url_scanner_ex_deactivate(1);
+ BG(url_adapt_session_ex).active = 0;
+ BG(url_adapt_session_ex).tag_type = 0;
+ BG(url_adapt_session_ex).attr_type = 0;
}
-
- smart_str_free(&BG(url_adapt_state_ex).form_app);
- smart_str_free(&BG(url_adapt_state_ex).url_app);
+ smart_str_free(&BG(url_adapt_session_ex).form_app);
+ smart_str_free(&BG(url_adapt_session_ex).url_app);
+
+ if (BG(url_adapt_output_ex).active) {
+ php_url_scanner_ex_deactivate(0);
+ BG(url_adapt_output_ex).active = 0;
+ BG(url_adapt_output_ex).tag_type = 0;
+ BG(url_adapt_output_ex).attr_type = 0;
+ }
+ smart_str_free(&BG(url_adapt_output_ex).form_app);
+ smart_str_free(&BG(url_adapt_output_ex).url_app);
return SUCCESS;
}
; Development Value: On
; Production Value: Off
-; url_rewriter.tags
-; Default Value: "a=href,area=href,frame=src,form=,fieldset="
-; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-
; variables_order
; Default Value: "EGPCS"
; Development Value: "GPCS"
; http://php.net/output-handler
;output_handler =
+; URL rewriter function rewrites URL on the fly by using
+; output buffer. You can set target tags by this configuration.
+; "form" tag is special tag. It will add hidden input tag to pass values.
+; Refer to session.trans_sid_tags for usage.
+; Default Value: "form="
+; Development Value: "form="
+; Production Value: "form="
+;url_rewriter.tags
+
+; URL rewriter will not rewrites absolute URL nor form by default. To enable
+; absolute URL rewrite, allowed hosts must be defined at RUNTIME.
+; Refer to session.trans_sid_hosts for more details.
+; Default Value: ""
+; Development Value: ""
+; Production Value: ""
+;url_rewriter.hosts
+
; Transparent output compression using the zlib library
; Valid values for this option are 'off', 'on', or a specific buffer size
; to be used for compression (default is 4KB)
; http://php.net/session.use-trans-sid
session.use_trans_sid = 0
+; The URL rewriter will look for URLs in a defined set of HTML tags.
+; <form> is special; if you include them here, the rewriter will
+; add a hidden <input> field with the info which is otherwise appended
+; to URLs. <form> tag's action attribute URL will not be modified
+; unless it is specified.
+; Note that all valid entries require a "=", even if no value follows.
+; Default Value: "a=href,area=href,frame=src,form="
+; Development Value: "a=href,area=href,frame=src,form="
+; Production Value: "a=href,area=href,frame=src,form="
+; http://php.net/url-rewriter.tags
+session.trans_sid_tags = "a=href,area=href,frame=src,form="
+
+; URL rewriter does not rewrite absolute URLs by default.
+; To enable rewrites for absolute pathes, target hosts must be specified
+; at RUNTIME. i.e. use ini_set()
+; <form> tags is special. PHP will check action attribute's URL regardless
+; of session.trans_sid_tags setting.
+; If no host is defined, HTTP_HOST will be used for allowed host.
+; Example value: php.net,www.php.net,wiki.php.net
+; Use "," for multiple hosts. No spaces are allowed.
+; Default Value: ""
+; Development Value: ""
+; Production Value: ""
+;session.trans_sid_hosts=""
+
; Select a hash function for use in generating session ids.
; Possible Values
; 0 (MD5 128 bits)
; http://php.net/session.hash-bits-per-character
session.hash_bits_per_character = 5
-; The URL rewriter will look for URLs in a defined set of HTML tags.
-; form/fieldset are special; if you include them here, the rewriter will
-; add a hidden <input> field with the info which is otherwise appended
-; to URLs. If you want XHTML conformity, remove the form entry.
-; Note that all valid entries require a "=", even if no value follows.
-; Default Value: "a=href,area=href,frame=src,form=,fieldset="
-; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-; http://php.net/url-rewriter.tags
-url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
-
; Enable upload progress tracking in $_SESSION
; Default Value: On
; Development Value: On
; Development Value: On
; Production Value: Off
-; url_rewriter.tags
-; Default Value: "a=href,area=href,frame=src,form=,fieldset="
-; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-
; variables_order
; Default Value: "EGPCS"
; Development Value: "GPCS"
; http://php.net/output-handler
;output_handler =
+; URL rewriter function rewrites URL on the fly by using
+; output buffer. You can set target tags by this configuration.
+; "form" tag is special tag. It will add hidden input tag to pass values.
+; Refer to session.trans_sid_tags for usage.
+; Default Value: "form="
+; Development Value: "form="
+; Production Value: "form="
+;url_rewriter.tags
+
+; URL rewriter will not rewrites absolute URL nor form by default. To enable
+; absolute URL rewrite, allowed hosts must be defined at RUNTIME.
+; Refer to session.trans_sid_hosts for more details.
+; Default Value: ""
+; Development Value: ""
+; Production Value: ""
+;url_rewriter.hosts
+
; Transparent output compression using the zlib library
; Valid values for this option are 'off', 'on', or a specific buffer size
; to be used for compression (default is 4KB)
; http://php.net/session.use-trans-sid
session.use_trans_sid = 0
+; The URL rewriter will look for URLs in a defined set of HTML tags.
+; <form> is special; if you include them here, the rewriter will
+; add a hidden <input> field with the info which is otherwise appended
+; to URLs. <form> tag's action attribute URL will not be modified
+; unless it is specified.
+; Note that all valid entries require a "=", even if no value follows.
+; Default Value: "a=href,area=href,frame=src,form="
+; Development Value: "a=href,area=href,frame=src,form="
+; Production Value: "a=href,area=href,frame=src,form="
+; http://php.net/url-rewriter.tags
+session.trans_sid_tags = "a=href,area=href,frame=src,form="
+
+; URL rewriter does not rewrite absolute URLs by default.
+; To enable rewrites for absolute pathes, target hosts must be specified
+; at RUNTIME. i.e. use ini_set()
+; <form> tags is special. PHP will check action attribute's URL regardless
+; of session.trans_sid_tags setting.
+; If no host is defined, HTTP_HOST will be used for allowed host.
+; Example value: php.net,www.php.net,wiki.php.net
+; Use "," for multiple hosts. No spaces are allowed.
+; Default Value: ""
+; Development Value: ""
+; Production Value: ""
+;session.trans_sid_hosts=""
+
; Select a hash function for use in generating session ids.
; Possible Values
; 0 (MD5 128 bits)
; http://php.net/session.hash-bits-per-character
session.hash_bits_per_character = 5
-; The URL rewriter will look for URLs in a defined set of HTML tags.
-; form/fieldset are special; if you include them here, the rewriter will
-; add a hidden <input> field with the info which is otherwise appended
-; to URLs. If you want XHTML conformity, remove the form entry.
-; Note that all valid entries require a "=", even if no value follows.
-; Default Value: "a=href,area=href,frame=src,form=,fieldset="
-; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry"
-; http://php.net/url-rewriter.tags
-url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
-
; Enable upload progress tracking in $_SESSION
; Default Value: On
; Development Value: On
projects / php / commitdiff