Added optional URL filtering code to the CFS web server contributed by Kajtar Zsolt (and activated it by default).
This commit is contained in:
parent
62e6882946
commit
eae42d02d5
|
@ -30,7 +30,7 @@
|
||||||
*
|
*
|
||||||
* Author: Adam Dunkels <adam@sics.se>
|
* Author: Adam Dunkels <adam@sics.se>
|
||||||
*
|
*
|
||||||
* $Id: httpd-cfs.c,v 1.20 2010/04/11 15:19:34 oliverschmidt Exp $
|
* $Id: httpd-cfs.c,v 1.21 2010/04/11 19:18:47 oliverschmidt Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
@ -45,6 +45,7 @@ int snprintf(char *str, size_t size, const char *format, ...);
|
||||||
#include "cfs/cfs.h"
|
#include "cfs/cfs.h"
|
||||||
#include "lib/petsciiconv.h"
|
#include "lib/petsciiconv.h"
|
||||||
#include "http-strings.h"
|
#include "http-strings.h"
|
||||||
|
#include "urlconv.h"
|
||||||
|
|
||||||
#include "httpd-cfs.h"
|
#include "httpd-cfs.h"
|
||||||
|
|
||||||
|
@ -54,6 +55,12 @@ int snprintf(char *str, size_t size, const char *format, ...);
|
||||||
#define CONNS WEBSERVER_CONF_CFS_CONNS
|
#define CONNS WEBSERVER_CONF_CFS_CONNS
|
||||||
#endif /* WEBSERVER_CONF_CFS_CONNS */
|
#endif /* WEBSERVER_CONF_CFS_CONNS */
|
||||||
|
|
||||||
|
#ifndef WEBSERVER_CONF_CFS_URLCONV
|
||||||
|
#define URLCONV 1
|
||||||
|
#else /* WEBSERVER_CONF_CFS_URLCONV */
|
||||||
|
#define URLCONV WEBSERVER_CONF_CFS_URLCONV
|
||||||
|
#endif /* WEBSERVER_CONF_CFS_URLCONV */
|
||||||
|
|
||||||
#define STATE_WAITING 0
|
#define STATE_WAITING 0
|
||||||
#define STATE_OUTPUT 1
|
#define STATE_OUTPUT 1
|
||||||
|
|
||||||
|
@ -174,12 +181,17 @@ PT_THREAD(handle_input(struct httpd_state *s))
|
||||||
PSOCK_CLOSE_EXIT(&s->sin);
|
PSOCK_CLOSE_EXIT(&s->sin);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if URLCONV
|
||||||
|
s->inputbuf[PSOCK_DATALEN(&s->sin) - 1] = 0;
|
||||||
|
urlconv_tofilename(s->filename, s->inputbuf, sizeof(s->filename));
|
||||||
|
#else /* URLCONV */
|
||||||
if(s->inputbuf[1] == ISO_space) {
|
if(s->inputbuf[1] == ISO_space) {
|
||||||
strncpy(s->filename, http_index_html, sizeof(s->filename));
|
strncpy(s->filename, http_index_html, sizeof(s->filename));
|
||||||
} else {
|
} else {
|
||||||
s->inputbuf[PSOCK_DATALEN(&s->sin) - 1] = 0;
|
s->inputbuf[PSOCK_DATALEN(&s->sin) - 1] = 0;
|
||||||
strncpy(s->filename, s->inputbuf, sizeof(s->filename));
|
strncpy(s->filename, s->inputbuf, sizeof(s->filename));
|
||||||
}
|
}
|
||||||
|
#endif /* URLCONV */
|
||||||
|
|
||||||
petsciiconv_topetscii(s->filename, sizeof(s->filename));
|
petsciiconv_topetscii(s->filename, sizeof(s->filename));
|
||||||
webserver_log_file(&uip_conn->ripaddr, s->filename);
|
webserver_log_file(&uip_conn->ripaddr, s->filename);
|
||||||
|
|
134
apps/webserver/urlconv.c
Normal file
134
apps/webserver/urlconv.c
Normal file
|
@ -0,0 +1,134 @@
|
||||||
|
/*
|
||||||
|
* Copyright (c) 2010, Kajtar Zsolt <soci@c64.rulez.org>.
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. Neither the name of the Institute nor the names of its contributors
|
||||||
|
* may be used to endorse or promote products derived from this software
|
||||||
|
* without specific prior written permission.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* This file is part of the Contiki operating system.
|
||||||
|
*
|
||||||
|
* Author: Kajtar Zsolt <soci@c64.rulez.org>
|
||||||
|
*
|
||||||
|
* $Id: urlconv.c,v 1.1 2010/04/11 19:18:47 oliverschmidt Exp $
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <string.h>
|
||||||
|
|
||||||
|
#include "http-strings.h"
|
||||||
|
|
||||||
|
#define ISO_number 0x23
|
||||||
|
#define ISO_percent 0x25
|
||||||
|
#define ISO_period 0x2e
|
||||||
|
#define ISO_slash 0x2f
|
||||||
|
#define ISO_question 0x3f
|
||||||
|
|
||||||
|
/*---------------------------------------------------------------------------*/
|
||||||
|
/* URL to filename conversion
|
||||||
|
*
|
||||||
|
* normalizes path by removing "/./"
|
||||||
|
* interprets "/../" and calculates path accordingly
|
||||||
|
* resulting path is always absolute
|
||||||
|
* replaces "%AB" notation with characters
|
||||||
|
* strips "#fragment" and "?query" from end
|
||||||
|
* replaces multiple slashes with a single one
|
||||||
|
* rejects non-ASCII characters
|
||||||
|
*
|
||||||
|
* MAXLEN is including trailing zero!
|
||||||
|
* input and output is ASCII
|
||||||
|
*/
|
||||||
|
void
|
||||||
|
urlconv_tofilename(char *dest, char *source, unsigned char maxlen)
|
||||||
|
{
|
||||||
|
static unsigned char len;
|
||||||
|
static unsigned char c, hex1;
|
||||||
|
static unsigned char *from, *to;
|
||||||
|
|
||||||
|
len = 0;
|
||||||
|
from = source; to = dest;
|
||||||
|
*to = ISO_slash;
|
||||||
|
maxlen -= 2;
|
||||||
|
do {
|
||||||
|
c = *(from++);
|
||||||
|
switch(c) {
|
||||||
|
case ISO_number:
|
||||||
|
case ISO_question:
|
||||||
|
c = 0;
|
||||||
|
break;
|
||||||
|
case ISO_percent:
|
||||||
|
c = 0;
|
||||||
|
hex1 = (*(from++) | 0x20) ^ 0x30; // ascii only!
|
||||||
|
if(hex1 > 0x50 && hex1 < 0x57)
|
||||||
|
hex1 -= 0x47;
|
||||||
|
else
|
||||||
|
if(hex1 > 9)
|
||||||
|
break; // invalid hex
|
||||||
|
c = (*(from++) | 0x20) ^ 0x30; // ascii only!
|
||||||
|
if(c > 0x50 && c < 0x57)
|
||||||
|
c -= 0x47;
|
||||||
|
else
|
||||||
|
if(c > 9)
|
||||||
|
break; // invalid hex
|
||||||
|
c |= hex1 << 4;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(c < 0x20 || c > 0x7e)
|
||||||
|
c = 0; // non ascii?!
|
||||||
|
if(len >= maxlen)
|
||||||
|
c = 0; // too long?
|
||||||
|
|
||||||
|
if(c == ISO_slash || !c) {
|
||||||
|
switch(*to) {
|
||||||
|
case ISO_slash:
|
||||||
|
continue; // no repeated slash
|
||||||
|
case ISO_period:
|
||||||
|
switch(to[-1]) {
|
||||||
|
case ISO_slash: // handle "./"
|
||||||
|
--to; --len;
|
||||||
|
continue;
|
||||||
|
case ISO_period:
|
||||||
|
if(to[-2] == ISO_slash) {
|
||||||
|
to -= 2; len -= 2;
|
||||||
|
if(len) {
|
||||||
|
do {
|
||||||
|
--to; --len;
|
||||||
|
} while(*to != ISO_slash);
|
||||||
|
}
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(c) {
|
||||||
|
++to; ++len;
|
||||||
|
*to = c;
|
||||||
|
}
|
||||||
|
} while(c);
|
||||||
|
if(*to == ISO_slash && (len + sizeof(http_index_html) - 3) < maxlen) {
|
||||||
|
strcpy(to, http_index_html); // add index.html
|
||||||
|
} else {
|
||||||
|
++to;
|
||||||
|
*to = 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
/*---------------------------------------------------------------------------*/
|
40
apps/webserver/urlconv.h
Normal file
40
apps/webserver/urlconv.h
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
/*
|
||||||
|
* Copyright (c) 2010, Kajtar Zsolt <soci@c64.rulez.org>.
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. Neither the name of the Institute nor the names of its contributors
|
||||||
|
* may be used to endorse or promote products derived from this software
|
||||||
|
* without specific prior written permission.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||||
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||||
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||||
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||||
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||||
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||||
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||||
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||||
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||||
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
|
* SUCH DAMAGE.
|
||||||
|
*
|
||||||
|
* This file is part of the Contiki operating system.
|
||||||
|
*
|
||||||
|
* $Id: urlconv.h,v 1.1 2010/04/11 19:18:47 oliverschmidt Exp $
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef __URLCONV_H__
|
||||||
|
#define __URLCONV_H__
|
||||||
|
|
||||||
|
void urlconv_tofilename(char *dest, char *source, unsigned char maxlen);
|
||||||
|
|
||||||
|
#endif /* __URLCONV_H__ */
|
|
@ -12,7 +12,7 @@ APPS = webserver
|
||||||
|
|
||||||
ifeq ($(HTTPD-CFS),1)
|
ifeq ($(HTTPD-CFS),1)
|
||||||
override webserver_src = webserver-nogui.c http-strings.c psock.c memb.c \
|
override webserver_src = webserver-nogui.c http-strings.c psock.c memb.c \
|
||||||
httpd-cfs.c
|
httpd-cfs.c urlconv.c
|
||||||
endif
|
endif
|
||||||
|
|
||||||
CONTIKI = ../..
|
CONTIKI = ../..
|
||||||
|
|
Loading…
Reference in a new issue