Roxen.git/ server/ base_server/ configuration.pike

2018-04-09

2018-04-09 11:39:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

• 472765693a42925cc1a5593544c61d1c5188cb12 (7 lines) (+6/-1) ^{[ Show | Annotate ]}
  Branch: 472765693a42925cc1a5593544c61d1c5188cb12

WebDAV: Fixed case insensitive path prefix check in check_locks().

check_locks() now returns 423 directly in some more cases.

Fixes [WS-251].

1850:    Roxen.http_dav_error(Protocols.HTTP.DAV_LOCKED, "lock-token-submitted");    foreach(locks;;DAVLock lock) {    TRACE_ENTER(sprintf("Checking lock %O against %O.", lock, path), 0); -  if (has_prefix(path, lock->path)) { +  // NB: We can't perform a string comparison here, as we don't +  // know whether the path is case-sensitive or not. But as +  // we know that all lock paths are on the path to or through +  // `path`, a comparison of the string lengths is sufficient. +  if (sizeof(lock->path) <= sizeof(path)) {    TRACE_LEAVE("Direct lock.");    TRACE_LEAVE("Locked.");    return ret;