Add the 'insertCsrf' and 'verifyCsrf' commands to TH1.
Commit
f8820eff4e0807e1526ce0392b50755e8051e7e8
Parent
3c47e0c66a60c2c…
2 files changed
+45
+21
+45
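--- a/src/th_main.c
+++ b/src/th_main.c
@@ -451,10 +451,53 @@
 }
 cgi_redirect(argv[1]);
 Th_SetResult(interp, argv[1], argl[1]); /* NOT REACHED */
 return TH_OK;
 }
+
+/*
+** TH1 command: insertCsrf
+**
+** While rendering a form, call this command to add the Anti-CSRF token
+** as a hidden element of the form.
+*/
+static int insertCsrfCmd(
+ Th_Interp *interp,
+ void *p,
+ int argc,
+ const char **argv,
+ int *argl
+){
+ if( argc!=1 ){
+ return Th_WrongNumArgs(interp, "insertCsrf");
+ }
+ login_insert_csrf_secret();
+ return TH_OK;
+}
+
+/*
+** TH1 command: verifyCsrf
+**
+** Before using the results of a form, first call this command to verify
+** that this Anti-CSRF token is present and is valid. If the Anti-CSRF token
+** is missing or is incorrect, that indicates a cross-site scripting attack.
+** If the event of an attack is detected, an error message is generated and
+** all further processing is aborted.
+*/
+static int verifyCsrfCmd(
+ Th_Interp *interp,
+ void *p,
+ int argc,
+ const char **argv,
+ int *argl
+){
+ if( argc!=1 ){
+ return Th_WrongNumArgs(interp, "verifyCsrf");
+ }
+ login_verify_csrf_secret();
+ return TH_OK;
+}
 
 /*
 ** TH1 command: markdown STRING
 **
 ** Renders the input string as markdown. The result is a two-element list.
@@ -1788,10 +1831,11 @@
 {"hascap", hascapCmd, (void*)&zeroInt},
 {"hasfeature", hasfeatureCmd, 0},
 {"html", putsCmd, (void*)&aFlags[0]},
 {"htmlize", htmlizeCmd, 0},
 {"http", httpCmd, 0},
+ {"insertCsrf", insertCsrfCmd, 0},
 {"linecount", linecntCmd, 0},
 {"markdown", markdownCmd, 0},
 {"puts", putsCmd, (void*)&aFlags[1]},
 {"query", queryCmd, 0},
 {"randhex", randhexCmd, 0},
@@ -1807,10 +1851,11 @@
 {"styleFooter", styleFooterCmd, 0},
 {"tclReady", tclReadyCmd, 0},
 {"trace", traceCmd, 0},
 {"stime", stimeCmd, 0},
 {"utime", utimeCmd, 0},
+ {"verifyCsrf", verifyCsrfCmd, 0},
 {"wiki", wikiCmd, (void*)&aFlags[0]},
 {0, 0, 0}
 };
 if( g.thTrace ){
 Th_Trace("th1-init 0x%x => 0x%x<br />\n", g.th1Flags, flags);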
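Review bot: The header comment on verifyCsrfCmd (new lines 481–484) misidentifies the attack: a missing or incorrect anti-CSRF token indicates a cross-site request forgery, not a cross-site scripting attack, and "If the event of an attack is detected" is garbled; suggest `** that the Anti-CSRF token is present and is valid. If the Anti-CSRF token` / `** is missing or is incorrect, that indicates a cross-site request forgery (CSRF)` / `** attack. If an attack is detected, an error message is generated and`. The same sentences are copied verbatim into www/th1.md in this commit, so the correction belongs in both places. Note also that verifyCsrfCmd returns TH_OK unconditionally after login_verify_csrf_secret(), so the promised "all further processing is aborted" holds only if that helper never returns on a failed check (presumably it terminates the request); if it can return, a TH1 script would carry on past a failed check, and either that contract should be stated in the comment or the command should check a result. The command table edited in the second and third hunks begins and ends outside the hunks.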
| --- src/th_main.c | |
| +++ src/th_main.c | |
| @@ -451,10 +451,53 @@ | |
| 451 | } |
| 452 | cgi_redirect(argv[1]); |
| 453 | Th_SetResult(interp, argv[1], argl[1]); /* NOT REACHED */ |
| 454 | return TH_OK; |
| 455 | } |
| 456 | |
| 457 | /* |
| 458 | ** TH1 command: markdown STRING |
| 459 | ** |
| 460 | ** Renders the input string as markdown. The result is a two-element list. |
| @@ -1788,10 +1831,11 @@ | |
| 1788 | {"hascap", hascapCmd, (void*)&zeroInt}, |
| 1789 | {"hasfeature", hasfeatureCmd, 0}, |
| 1790 | {"html", putsCmd, (void*)&aFlags[0]}, |
| 1791 | {"htmlize", htmlizeCmd, 0}, |
| 1792 | {"http", httpCmd, 0}, |
| 1793 | {"linecount", linecntCmd, 0}, |
| 1794 | {"markdown", markdownCmd, 0}, |
| 1795 | {"puts", putsCmd, (void*)&aFlags[1]}, |
| 1796 | {"query", queryCmd, 0}, |
| 1797 | {"randhex", randhexCmd, 0}, |
| @@ -1807,10 +1851,11 @@ | |
| 1807 | {"styleFooter", styleFooterCmd, 0}, |
| 1808 | {"tclReady", tclReadyCmd, 0}, |
| 1809 | {"trace", traceCmd, 0}, |
| 1810 | {"stime", stimeCmd, 0}, |
| 1811 | {"utime", utimeCmd, 0}, |
| 1812 | {"wiki", wikiCmd, (void*)&aFlags[0]}, |
| 1813 | {0, 0, 0} |
| 1814 | }; |
| 1815 | if( g.thTrace ){ |
| 1816 | Th_Trace("th1-init 0x%x => 0x%x<br />\n", g.th1Flags, flags); |
| 1817 |
| --- src/th_main.c | |
| +++ src/th_main.c | |
| @@ -451,10 +451,53 @@ | |
| 451 | } |
| 452 | cgi_redirect(argv[1]); |
| 453 | Th_SetResult(interp, argv[1], argl[1]); /* NOT REACHED */ |
| 454 | return TH_OK; |
| 455 | } |
| 456 | |
| 457 | /* |
| 458 | ** TH1 command: insertCsrf |
| 459 | ** |
| 460 | ** While rendering a form, call this command to add the Anti-CSRF token |
| 461 | ** as a hidden element of the form. |
| 462 | */ |
| 463 | static int insertCsrfCmd( |
| 464 | Th_Interp *interp, |
| 465 | void *p, |
| 466 | int argc, |
| 467 | const char **argv, |
| 468 | int *argl |
| 469 | ){ |
| 470 | if( argc!=1 ){ |
| 471 | return Th_WrongNumArgs(interp, "insertCsrf"); |
| 472 | } |
| 473 | login_insert_csrf_secret(); |
| 474 | return TH_OK; |
| 475 | } |
| 476 | |
| 477 | /* |
| 478 | ** TH1 command: verifyCsrf |
| 479 | ** |
| 480 | ** Before using the results of a form, first call this command to verify |
| 481 | ** that this Anti-CSRF token is present and is valid. If the Anti-CSRF token |
| 482 | ** is missing or is incorrect, that indicates a cross-site scripting attack. |
| 483 | ** If the event of an attack is detected, an error message is generated and |
| 484 | ** all further processing is aborted. |
| 485 | */ |
| 486 | static int verifyCsrfCmd( |
| 487 | Th_Interp *interp, |
| 488 | void *p, |
| 489 | int argc, |
| 490 | const char **argv, |
| 491 | int *argl |
| 492 | ){ |
| 493 | if( argc!=1 ){ |
| 494 | return Th_WrongNumArgs(interp, "verifyCsrf"); |
| 495 | } |
| 496 | login_verify_csrf_secret(); |
| 497 | return TH_OK; |
| 498 | } |
| 499 | |
| 500 | /* |
| 501 | ** TH1 command: markdown STRING |
| 502 | ** |
| 503 | ** Renders the input string as markdown. The result is a two-element list. |
| @@ -1788,10 +1831,11 @@ | |
| 1831 | {"hascap", hascapCmd, (void*)&zeroInt}, |
| 1832 | {"hasfeature", hasfeatureCmd, 0}, |
| 1833 | {"html", putsCmd, (void*)&aFlags[0]}, |
| 1834 | {"htmlize", htmlizeCmd, 0}, |
| 1835 | {"http", httpCmd, 0}, |
| 1836 | {"insertCsrf", insertCsrfCmd, 0}, |
| 1837 | {"linecount", linecntCmd, 0}, |
| 1838 | {"markdown", markdownCmd, 0}, |
| 1839 | {"puts", putsCmd, (void*)&aFlags[1]}, |
| 1840 | {"query", queryCmd, 0}, |
| 1841 | {"randhex", randhexCmd, 0}, |
| @@ -1807,10 +1851,11 @@ | |
| 1851 | {"styleFooter", styleFooterCmd, 0}, |
| 1852 | {"tclReady", tclReadyCmd, 0}, |
| 1853 | {"trace", traceCmd, 0}, |
| 1854 | {"stime", stimeCmd, 0}, |
| 1855 | {"utime", utimeCmd, 0}, |
| 1856 | {"verifyCsrf", verifyCsrfCmd, 0}, |
| 1857 | {"wiki", wikiCmd, (void*)&aFlags[0]}, |
| 1858 | {0, 0, 0} |
| 1859 | }; |
| 1860 | if( g.thTrace ){ |
| 1861 | Th_Trace("th1-init 0x%x => 0x%x<br />\n", g.th1Flags, flags); |
| 1862 |
+21
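--- a/www/th1.md
+++ b/www/th1.md
@@ -150,10 +150,11 @@
 * hasfeature
 * html
 * htmlize
 * http
 * httpize
+* insertCsrf
 * linecount
 * markdown
 * puts
 * query
 * randhex
@@ -174,10 +175,11 @@
 * tclMakeSafe
 * tclReady
 * trace
 * stime
 * utime
+* verifyCsrf
 * wiki
 
 Each of the commands above is documented by a block comment above their
 implementation in the th\_main.c or th\_tcl.c source files.
 
@@ -379,10 +381,18 @@
 
 * httpize STRING
 
 Escape all characters of STRING which have special meaning in URI
 components. Returns the escaped string.
+
+<a name="insertCsrf"></a>TH1 insertCsrf Command
+-----------------------------------------------
+
+* insertCsrf
+
+While rendering a form, call this command to add the Anti-CSRF token
+as a hidden element of the form.
 
 <a name="linecount"></a>TH1 linecount Command
 ---------------------------------------------
 
 * linecount STRING MAX MIN
@@ -607,10 +617,21 @@
 
 * utime
 
 Returns the number of microseconds of CPU time consumed by the current
 process in user space.
+
+<a name="verifyCsrf"></a>TH1 verifyCsrf Command
+-----------------------------------------------
+
+* verifyCsrf
+
+Before using the results of a form, first call this command to verify
+that this Anti-CSRF token is present and is valid. If the Anti-CSRF token
+is missing or is incorrect, that indicates a cross-site scripting attack.
+If the event of an attack is detected, an error message is generated and
+all further processing is aborted.
 
 <a name="wiki"></a>TH1 wiki Command
 -----------------------------------
 
 * wiki STRING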
| --- www/th1.md | |
| +++ www/th1.md | |
| @@ -150,10 +150,11 @@ | |
| 150 | * hasfeature |
| 151 | * html |
| 152 | * htmlize |
| 153 | * http |
| 154 | * httpize |
| 155 | * linecount |
| 156 | * markdown |
| 157 | * puts |
| 158 | * query |
| 159 | * randhex |
| @@ -174,10 +175,11 @@ | |
| 174 | * tclMakeSafe |
| 175 | * tclReady |
| 176 | * trace |
| 177 | * stime |
| 178 | * utime |
| 179 | * wiki |
| 180 | |
| 181 | Each of the commands above is documented by a block comment above their |
| 182 | implementation in the th\_main.c or th\_tcl.c source files. |
| 183 | |
| @@ -379,10 +381,18 @@ | |
| 379 | |
| 380 | * httpize STRING |
| 381 | |
| 382 | Escape all characters of STRING which have special meaning in URI |
| 383 | components. Returns the escaped string. |
| 384 | |
| 385 | <a name="linecount"></a>TH1 linecount Command |
| 386 | --------------------------------------------- |
| 387 | |
| 388 | * linecount STRING MAX MIN |
| @@ -607,10 +617,21 @@ | |
| 607 | |
| 608 | * utime |
| 609 | |
| 610 | Returns the number of microseconds of CPU time consumed by the current |
| 611 | process in user space. |
| 612 | |
| 613 | <a name="wiki"></a>TH1 wiki Command |
| 614 | ----------------------------------- |
| 615 | |
| 616 | * wiki STRING |
| 617 |
| --- www/th1.md | |
| +++ www/th1.md | |
| @@ -150,10 +150,11 @@ | |
| 150 | * hasfeature |
| 151 | * html |
| 152 | * htmlize |
| 153 | * http |
| 154 | * httpize |
| 155 | * insertCsrf |
| 156 | * linecount |
| 157 | * markdown |
| 158 | * puts |
| 159 | * query |
| 160 | * randhex |
| @@ -174,10 +175,11 @@ | |
| 175 | * tclMakeSafe |
| 176 | * tclReady |
| 177 | * trace |
| 178 | * stime |
| 179 | * utime |
| 180 | * verifyCsrf |
| 181 | * wiki |
| 182 | |
| 183 | Each of the commands above is documented by a block comment above their |
| 184 | implementation in the th\_main.c or th\_tcl.c source files. |
| 185 | |
| @@ -379,10 +381,18 @@ | |
| 381 | |
| 382 | * httpize STRING |
| 383 | |
| 384 | Escape all characters of STRING which have special meaning in URI |
| 385 | components. Returns the escaped string. |
| 386 | |
| 387 | <a name="insertCsrf"></a>TH1 insertCsrf Command |
| 388 | ----------------------------------------------- |
| 389 | |
| 390 | * insertCsrf |
| 391 | |
| 392 | While rendering a form, call this command to add the Anti-CSRF token |
| 393 | as a hidden element of the form. |
| 394 | |
| 395 | <a name="linecount"></a>TH1 linecount Command |
| 396 | --------------------------------------------- |
| 397 | |
| 398 | * linecount STRING MAX MIN |
| @@ -607,10 +617,21 @@ | |
| 617 | |
| 618 | * utime |
| 619 | |
| 620 | Returns the number of microseconds of CPU time consumed by the current |
| 621 | process in user space. |
| 622 | |
| 623 | <a name="verifyCsrf"></a>TH1 verifyCsrf Command |
| 624 | ----------------------------------------------- |
| 625 | |
| 626 | * verifyCsrf |
| 627 | |
| 628 | Before using the results of a form, first call this command to verify |
| 629 | that this Anti-CSRF token is present and is valid. If the Anti-CSRF token |
| 630 | is missing or is incorrect, that indicates a cross-site scripting attack. |
| 631 | If the event of an attack is detected, an error message is generated and |
| 632 | all further processing is aborted. |
| 633 | |
| 634 | <a name="wiki"></a>TH1 wiki Command |
| 635 | ----------------------------------- |
| 636 | |
| 637 | * wiki STRING |
| 638 |