proxmox-mirrors/pve-http-server
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-http-server synced 2025-05-03 16:43:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

assume all parameters are utf8 encoded

Browse Source 
Previously, we called decode_utf8_parameters(), which only encoded
some parameters. This was just an optimization, and it turend out to
be error prone (for example passwords also contain utf8 parameters).
This commit is contained in:
Dietmar Maurer 2017-05-02 09:58:53 +02:00
parent e8ae1f090b
commit 256da58194
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
PVE/APIServer/AnyEvent.pm
View File

@ -29,6 +29,7 @@ use AnyEvent::IO;
use AnyEvent::HTTP; use AnyEvent::HTTP;
use Fcntl (); use Fcntl ();
use Compress::Zlib; use Compress::Zlib;
use Encode;
use PVE::SafeSyslog; use PVE::SafeSyslog;
use PVE::INotify; use PVE::INotify;
use PVE::Tools; use PVE::Tools;
@ -617,6 +618,7 @@ sub proxy_request {
} }
# return arrays as \0 separated strings (like CGI.pm) # return arrays as \0 separated strings (like CGI.pm)
# assume data is UTF8 encoded
sub decode_urlencoded { sub decode_urlencoded {
my ($data) = @_; my ($data) = @_;
@ -631,6 +633,8 @@ sub decode_urlencoded {
$v =~s/\+/ /g; $v =~s/\+/ /g;
$v =~ s/%([0-9a-fA-F][0-9a-fA-F])/chr(hex($1))/eg; $v =~ s/%([0-9a-fA-F][0-9a-fA-F])/chr(hex($1))/eg;
$v = Encode::decode('utf8', $v);
if (defined(my $old = $res->{$k})) { if (defined(my $old = $res->{$k})) {
$res->{$k} = "$old\0$v"; $res->{$k} = "$old\0$v";
} else { } else {
@ -655,7 +659,7 @@ sub extract_params {
$params->{$k} = $query_params->{$k}; $params->{$k} = $query_params->{$k};
} }
return PVE::Tools::decode_utf8_parameters($params); return $params;
} }
sub handle_api2_request { sub handle_api2_request {