[interchange-cvs] interchange - jon modified lib/Vend/Page.pm
interchange-cvs at icdevgroup.org
interchange-cvs at icdevgroup.org
Fri Dec 26 20:08:33 EST 2003
User: jon
Date: 2003-12-27 01:08:33 GMT
Modified: lib/Vend Page.pm
Log:
Move mv_nextpage fallback before security check.
Clean up regexes and defaults.
Revision Changes Path
2.16 +7 -7 interchange/lib/Vend/Page.pm
rev 2.16, prev_rev 2.15
Index: Page.pm
===================================================================
RCS file: /var/cvs/interchange/lib/Vend/Page.pm,v
retrieving revision 2.15
retrieving revision 2.16
diff -u -u -r2.15 -r2.16
--- Page.pm 10 Sep 2003 16:50:51 -0000 2.15
+++ Page.pm 27 Dec 2003 01:08:33 -0000 2.16
@@ -1,6 +1,6 @@
# Vend::Page - Handle Interchange page routing
#
-# $Id: Page.pm,v 2.15 2003/09/10 16:50:51 mheins Exp $
+# $Id: Page.pm,v 2.16 2003/12/27 01:08:33 jon Exp $
#
# Copyright (C) 2002-2003 Interchange Development Group
# Copyright (C) 1996-2002 Red Hat, Inc.
@@ -46,7 +46,7 @@
use vars qw/$VERSION/;
-$VERSION = substr(q$Revision: 2.15 $, 10);
+$VERSION = substr(q$Revision: 2.16 $, 10);
my $wantref = 1;
@@ -56,7 +56,7 @@
undef $Vend::write_redirect;
- $name =~ m/[\[<]+/g
+ $name =~ m/[\[<]/
and do {
::logGlobal(
"Security violation -- scripting character in page name '%s'.",
@@ -65,7 +65,7 @@
$name = 'violation';
};
- $subject = $subject || 'unspecified error';
+ $subject ||= 'unspecified error';
my $noname = $name;
$noname =~ s:^\.\./::;
@@ -88,7 +88,9 @@
my($name, $opt) = @_;
my($page);
- $name =~ m/[\[<]+/g
+ $name ||= $CGI::values{mv_nextpage};
+
+ $name =~ m/[\[<]/
and do {
::logGlobal(
"Security violation -- scripting character in page name '%s'.",
@@ -97,8 +99,6 @@
$name = 'violation';
return display_special_page($name);
};
-
- $name = $CGI::values{mv_nextpage} unless $name;
if($Vend::Cfg->{ExtraSecure} and
$Vend::Cfg->{AlwaysSecure}->{$name}
More information about the interchange-cvs
mailing list