Changeset 2695 for lang/ruby/ssb
- Timestamp:
- 12/07/07 07:38:52 (13 months ago)
- Location:
- lang/ruby/ssb/trunk
- Files:
-
- 4 modified
-
libs/ssb.rb (modified) (4 diffs)
-
libs/ssb/request.rb (modified) (4 diffs)
-
test/filter_test.rb (modified) (1 diff)
-
test/request_test.rb (modified) (1 diff)
lang/ruby/ssb/trunk/libs/ssb.rb
r2694 r2695 126 126 127 127 def output_template(request_uri, response, term, page, source, res) 128 ssb = ''129 128 tpl_file = 'ssb.rhtml' 130 129 template = open(File.join(SSB::CONFIG[:template_dir], tpl_file)).read.untaint … … 136 135 end 137 136 138 page = SSB::Application.filter_html(page, request_uri, term, ssb,response)137 page = SSB::Application.filter_html(page, request_uri, term, response) 139 138 140 139 page = NKF::nkf('-w', page) … … 158 157 end 159 158 160 def self.filter_html(page, request_uri, term, ssb,response)159 def self.filter_html(page, request_uri, term, response) 161 160 # <?xml をけす。IEのバグ対応 162 161 page.gsub!(/<\?([^\?]+)\?>/) { |s| … … 173 172 %Q! #{tag}="#{$2}"#{$3} target="_top" >! 174 173 elsif $2.index('/') == 0 175 %Q! #{tag}="./ #{ssb}?ssb_q=#{CGI.escape(('http://' + request_uri.host + ':' + request_uri.port.to_s + $2).to_s)}"#{$3} target="_top" >!174 %Q! #{tag}="./?ssb_q=#{CGI.escape(('http://' + request_uri.host + ':' + request_uri.port.to_s + $2).to_s)}"#{$3} target="_top" >! 176 175 else 177 %Q! #{tag}="./ #{ssb}?ssb_q=#{CGI.escape((request_uri + $2).to_s)}"#{$3} target="_top" >!176 %Q! #{tag}="./?ssb_q=#{CGI.escape((request_uri + $2).to_s)}"#{$3} target="_top" >! 178 177 end 179 178 when 'action' -
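Review bot: The rewritten link in the `$2.index('/') == 0` branch of filter_html hard-codes `'http://'`, so a root-relative link on a page fetched over https is sent back through the proxy as plain http. Take the scheme from the request URI instead, e.g. `request_uri.scheme + '://' + request_uri.host + ':' + request_uri.port.to_s + $2`. The same branch also appears to match protocol-relative values such as `//host/path`, which would be appended to the current host; that case probably needs its own branch. filter_html's body continues outside the visible hunks, so this is based only on the lines shown.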
lang/ruby/ssb/trunk/libs/ssb/request.rb
r2653 r2695 24 24 25 25 def initialize(method, in_query, in_cookie) 26 case method.upcase 27 when 'POST', 'GET' 28 @method = method.upcase.dup.untaint 29 else 30 raise ArgumentError 31 end 26 @method = method 32 27 @term = SSB::Misc.load_terminal_info(in_cookie) 33 28 @http_proxy = ENV['HTTP_PROXY'] || ENV['http_proxy'] … … 45 40 uri = URI.parse(http_proxy) 46 41 user, pass = uri.userinfo.split(/:/) if uri.userinfo 47 address = uri.host .untaint48 port = uri.port .untaint42 address = uri.host 43 port = uri.port 49 44 Net::HTTP.Proxy(address, port, user, pass) 50 45 end … … 61 56 response = nil 62 57 63 http = http_class(@http_proxy).new(@uri.host .untaint, @uri.port.untaint)58 http = http_class(@http_proxy).new(@uri.host, @uri.port) 64 59 if @uri.scheme == 'https' 65 60 http.use_ssl = true … … 90 85 in_query.each do |key,value| 91 86 value = value.to_s unless value.instance_of?(String) 92 if key == 'ssb_q' # request URI87 if key == 'ssb_q' # request URI 93 88 uri_base = value.dup.untaint 94 89 else # passing parameters 95 uri_params[NKF::nkf('-s', key )] = CGI.escape(NKF::nkf('-s', value))90 uri_params[NKF::nkf('-s', key.dup.untaint)] = CGI.escape(NKF::nkf('-s', value.dup.untaint)) 96 91 end 97 92 end -
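Review bot: `@method = method` in initialize now stores whatever the caller passes, where the old code accepted only GET or POST and raised ArgumentError otherwise. The code that later dispatches on `@method` is outside these hunks, so it now relies on every caller validating the verb. Keep an allowlist at this boundary, e.g. `raise ArgumentError unless %w[GET POST].include?(method.to_s.upcase)` before the assignment. In the last hunk, `key.dup.untaint` and `value.dup.untaint` clear the taint flag on request parameters without any check, so taint tracking no longer says anything about values derived from them. Untaint only after a value has matched an expected pattern, or add a comment stating why NKF needs untainted input here.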
lang/ruby/ssb/trunk/test/filter_test.rb
r2404 r2695 20 20 test 'filter a tag' do 21 21 assert_equal( 22 SSB::Application.filter_html("<a href='/bar'>foo</a>", URI.parse('http://example.com/foo'), Term.new(SSB::KtaiSpec::CARRIER_DOCOMO), '' , ''),22 SSB::Application.filter_html("<a href='/bar'>foo</a>", URI.parse('http://example.com/foo'), Term.new(SSB::KtaiSpec::CARRIER_DOCOMO), ''), 23 23 %Q{<a href=\"./?ssb_q=http%3A%2F%2Fexample.com%3A80%2Fbar\" target=\"_top\" >foo</a>} 24 24 ) -
lang/ruby/ssb/trunk/test/request_test.rb
r2404 r2695 63 63 end 64 64 65 test 'request_uri_should_not_tainted x' do66 assert(!@request.uri.t ainted?)65 test 'request_uri_should_not_tainted' do 66 assert(!@request.uri.to_s.tainted?) 67 67 end 68 68