Fossil SCM

Return a 404-Not Found error on any attempt to access a "draft" skin that is not defined.

drh 2022-02-15 21:46 trunk
Commit de320cc33e97a7043b31bcf1b8517ee7531207d22fc0dce54ecd7332fc2b78cd
Parent e514eeea8f8598a…
1 file changed +26 -14
~ src/main.c
M src/main.c
+26 -14
--- src/main.c
+++ src/main.c
@@ -1596,10 +1596,30 @@
15961596
 cgi_redirect_with_status(zURL, 301, "Moved Permanently");
15971597
 return 1;
15981598
 }
15991599
 return 0;
16001600
 }
1601
+
1602
+/*
1603
+** Send a 404 Not Found reply
1604
+*/
1605
+void fossil_not_found_page(void){
1606
+#ifdef FOSSIL_ENABLE_JSON
1607
+ if(g.json.isJsonMode){
1608
+ json_err(FSL_JSON_E_RESOURCE_NOT_FOUND,NULL,1);
1609
+ return;
1610
+ }
1611
+#endif
1612
+ @ <html><head>
1613
+ @ <meta name="viewport" \
1614
+ @ content="width=device-width, initial-scale=1.0">
1615
+ @ </head><body>
1616
+ @ <h1>Not Found</h1>
1617
+ @ </body>
1618
+ cgi_set_status(404, "Not Found");
1619
+ cgi_reply();
1620
+}
16011621
16021622
 /*
16031623
 ** Preconditions:
16041624
 **
16051625
 ** * Environment variables are set up according to the CGI standard.
@@ -1819,24 +1839,11 @@
18191839
 && repo_list_page() ){
18201840
 /* Will return a list of repositories */
18211841
 }else if( zNotFound ){
18221842
 cgi_redirect(zNotFound);
18231843
 }else{
1824
-#ifdef FOSSIL_ENABLE_JSON
1825
- if(g.json.isJsonMode){
1826
- json_err(FSL_JSON_E_RESOURCE_NOT_FOUND,NULL,1);
1827
- return;
1828
- }
1829
-#endif
1830
- @ <html><head>
1831
- @ <meta name="viewport" \
1832
- @ content="width=device-width, initial-scale=1.0">
1833
- @ </head><body>
1834
- @ <h1>Not Found</h1>
1835
- @ </body>
1836
- cgi_set_status(404, "Not Found");
1837
- cgi_reply();
1844
+ fossil_not_found_page();
18381845
 }
18391846
 return;
18401847
 }
18411848
 break;
18421849
 }
@@ -1887,10 +1894,15 @@
18871894
 && zPathInfo[6]>='1' && zPathInfo[6]<='9'
18881895
 && (zPathInfo[7]=='/' || zPathInfo[7]==0)
18891896
 ){
18901897
 int iSkin = zPathInfo[6] - '0';
18911898
 char *zNewScript;
1899
+ if( db_int(0,"SELECT count(*) FROM config WHERE name GLOB 'draft%d-*'",
1900
+ iSkin)<5 ){
1901
+ fossil_not_found_page();
1902
+ fossil_exit(0);
1903
+ }
18921904
 skin_use_draft(iSkin);
18931905
 zNewScript = mprintf("%T/draft%d", P("SCRIPT_NAME"), iSkin);
18941906
 if( g.zTop ) g.zTop = mprintf("%R/draft%d", iSkin);
18951907
 if( g.zBaseURL ) g.zBaseURL = mprintf("%s/draft%d", g.zBaseURL, iSkin);
18961908
 zPathInfo += 7;
18971909
--- src/main.c
+++ src/main.c
@@ -1596,10 +1596,30 @@
1596 cgi_redirect_with_status(zURL, 301, "Moved Permanently");
1597 return 1;
1598 }
1599 return 0;
1600 }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1601
1602 /*
1603 ** Preconditions:
1604 **
1605 ** * Environment variables are set up according to the CGI standard.
@@ -1819,24 +1839,11 @@
1819 && repo_list_page() ){
1820 /* Will return a list of repositories */
1821 }else if( zNotFound ){
1822 cgi_redirect(zNotFound);
1823 }else{
1824 #ifdef FOSSIL_ENABLE_JSON
1825 if(g.json.isJsonMode){
1826 json_err(FSL_JSON_E_RESOURCE_NOT_FOUND,NULL,1);
1827 return;
1828 }
1829 #endif
1830 @ <html><head>
1831 @ <meta name="viewport" \
1832 @ content="width=device-width, initial-scale=1.0">
1833 @ </head><body>
1834 @ <h1>Not Found</h1>
1835 @ </body>
1836 cgi_set_status(404, "Not Found");
1837 cgi_reply();
1838 }
1839 return;
1840 }
1841 break;
1842 }
@@ -1887,10 +1894,15 @@
1887 && zPathInfo[6]>='1' && zPathInfo[6]<='9'
1888 && (zPathInfo[7]=='/' || zPathInfo[7]==0)
1889 ){
1890 int iSkin = zPathInfo[6] - '0';
1891 char *zNewScript;
 
 
 
 
 
1892 skin_use_draft(iSkin);
1893 zNewScript = mprintf("%T/draft%d", P("SCRIPT_NAME"), iSkin);
1894 if( g.zTop ) g.zTop = mprintf("%R/draft%d", iSkin);
1895 if( g.zBaseURL ) g.zBaseURL = mprintf("%s/draft%d", g.zBaseURL, iSkin);
1896 zPathInfo += 7;
1897
--- src/main.c
+++ src/main.c
@@ -1596,10 +1596,30 @@
1596 cgi_redirect_with_status(zURL, 301, "Moved Permanently");
1597 return 1;
1598 }
1599 return 0;
1600 }
1601
1602 /*
1603 ** Send a 404 Not Found reply
1604 */
1605 void fossil_not_found_page(void){
1606 #ifdef FOSSIL_ENABLE_JSON
1607 if(g.json.isJsonMode){
1608 json_err(FSL_JSON_E_RESOURCE_NOT_FOUND,NULL,1);
1609 return;
1610 }
1611 #endif
1612 @ <html><head>
1613 @ <meta name="viewport" \
1614 @ content="width=device-width, initial-scale=1.0">
1615 @ </head><body>
1616 @ <h1>Not Found</h1>
1617 @ </body>
1618 cgi_set_status(404, "Not Found");
1619 cgi_reply();
1620 }
1621
1622 /*
1623 ** Preconditions:
1624 **
1625 ** * Environment variables are set up according to the CGI standard.
@@ -1819,24 +1839,11 @@
1839 && repo_list_page() ){
1840 /* Will return a list of repositories */
1841 }else if( zNotFound ){
1842 cgi_redirect(zNotFound);
1843 }else{
1844 fossil_not_found_page();
 
 
 
 
 
 
 
 
 
 
 
 
 
1845 }
1846 return;
1847 }
1848 break;
1849 }
@@ -1887,10 +1894,15 @@
1894 && zPathInfo[6]>='1' && zPathInfo[6]<='9'
1895 && (zPathInfo[7]=='/' || zPathInfo[7]==0)
1896 ){
1897 int iSkin = zPathInfo[6] - '0';
1898 char *zNewScript;
1899 if( db_int(0,"SELECT count(*) FROM config WHERE name GLOB 'draft%d-*'",
1900 iSkin)<5 ){
1901 fossil_not_found_page();
1902 fossil_exit(0);
1903 }
1904 skin_use_draft(iSkin);
1905 zNewScript = mprintf("%T/draft%d", P("SCRIPT_NAME"), iSkin);
1906 if( g.zTop ) g.zTop = mprintf("%R/draft%d", iSkin);
1907 if( g.zBaseURL ) g.zBaseURL = mprintf("%s/draft%d", g.zBaseURL, iSkin);
1908 zPathInfo += 7;
1909

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button