Branch: Tag:

2008-09-03

2008-09-03 16:14:28 by Jonas Wallden <jonasw@roxen.com>

Clean up request tracing regarding HTML quoting. Tracing may be sent to the
log, to a web page or both so the tracing module cannot expect to pass HTML
data. This change is incompatible in the sense that old calls may render
with double quoting but that's arguably better than leaking unquoted tags
to the Resolve Path web page.

The Resolve Path wizard now identifies messages containing linefeeds and
present them in <pre> style to maintain columns etc.

Rev: server/base_server/configuration.pike:1.656
Rev: server/config_interface/actions/resolv.pike:1.34
Rev: server/etc/include/request_trace.h:1.14
Rev: server/etc/modules/RXML.pmod/module.pmod:1.368

2:   //   // Some stuff to do logging of a request through the server.   // - // $Id: request_trace.h,v 1.13 2004/05/14 17:08:24 mast Exp $ + // $Id: request_trace.h,v 1.14 2008/09/03 16:14:28 jonasw Exp $      #ifndef REQUEST_TRACE_H   #define REQUEST_TRACE_H
10:   #include <roxen.h>   #include <module.h>    - // Note that TRACE_ENTER (but not TRACE_LEAVE) takes html encoded - // message strings. Messages are preferably a single line, and they + // Note that TRACE_ENTER (and TRACE_LEAVE) takes message strings + // in plain text. Messages are preferably a single line, and they   // should not end with period and/or newline. -  + // + // + // Roxen 5.0 compatibility notice: + // + // Pre-5.0 these macros allowed html markup to pass through unquoted + // into the tracing machinery, but since the ultimate destination may + // not be a web page at all this capability has been removed. The + // Resolve Path wizard will now quote all strings instead.      #ifdef REQUEST_TRACE   
48:      #define SIMPLE_TRACE_ENTER(OBJ, MSG...) do { \    array _msg_arr_; \ -  TRACE_ENTER (Roxen.html_encode_string ( \ -  (_msg_arr_ = ({MSG}), \ +  TRACE_ENTER ( (_msg_arr_ = ({MSG}), \    sizeof (_msg_arr_) > 1 ? sprintf (@_msg_arr_) : \ -  (sizeof (_msg_arr_) ? _msg_arr_[0] : ""))), \ +  (sizeof (_msg_arr_) ? _msg_arr_[0] : "")), \    (OBJ)); \    } while (0)      #define SIMPLE_TRACE_LEAVE(MSG...) do { \    array _msg_arr_; \ -  TRACE_LEAVE (Roxen.html_encode_string ( \ -  (_msg_arr_ = ({MSG}), \ +  TRACE_LEAVE ( (_msg_arr_ = ({MSG}), \    sizeof (_msg_arr_) > 1 ? sprintf (@_msg_arr_) : \ -  (sizeof (_msg_arr_) ? _msg_arr_[0] : "")))); \ +  (sizeof (_msg_arr_) ? _msg_arr_[0] : ""))); \    } while (0)      // The following variant should be used inside RXML.Frame callbacks
69:   // combination with the magic _debug_ tag argument or the RXML_VERBOSE   // or RXML_REQUEST_VERBOSE defines.   // - // These two macros do not take html encoded messages, as opposed to - // TRACE_ENTER and TRACE_LEAVE. + // These two macros do not take html encoded messages (which since 5.0 + // is true for all tracing macros).      #define TAG_TRACE_ENTER(MSG...) do { \    array _msg_arr_; \    string _msg_; \ -  TRACE_ENTER ("tag &lt;" + (tag && tag->name) + "&gt; " + \ -  Roxen.html_encode_string ( \ +  TRACE_ENTER ("tag <" + (tag && tag->name) + "> " + \    (_msg_arr_ = ({MSG}), \    _msg_ = sizeof (_msg_arr_) > 1 ? sprintf (@_msg_arr_) : \ -  (sizeof (_msg_arr_) ? _msg_arr_[0] : ""))), \ +  (sizeof (_msg_arr_) ? _msg_arr_[0] : "")), \    tag); \    DO_IF_DEBUG ( \    if (TAG_DEBUG_TEST (flags & RXML.FLAG_DEBUG)) \