Roxen.git / server / base_server / roxen.pike

version» Context lines:

Roxen.git/server/base_server/roxen.pike:1:   // This file is part of Roxen WebServer.   // Copyright © 1996 - 2004, Roxen IS.   //   // The Roxen WebServer main program.   //   // Per Hedbor, Henrik Grubbström, Pontus Hagland, David Hedbor and others.   // ABS and suicide systems contributed freely by Francesco Chemolli    - constant cvs_version="$Id: roxen.pike,v 1.982 2008/09/11 19:55:23 mast Exp $"; + constant cvs_version="$Id: roxen.pike,v 1.983 2008/09/15 16:27:27 mast Exp $";      //! @appears roxen   //!   //! The Roxen WebServer main program.      // The argument cache. Used by the image cache.   ArgCache argcache;      // Some headerfiles   #define IN_ROXEN
Roxen.git/server/base_server/roxen.pike:4726:      mapping low_load_image(string f, RequestID id, void|mapping err)   {    string data;    if(id->misc->_load_image_called < 5)    {    // We were recursing very badly with the demo module here...    id->misc->_load_image_called++;    if(!(data=id->conf->try_get_file(f, id, 0, 0, 0, err)))    { -  // This is a major security hole! It can load any (image) file -  // in the low-level file system using the server's user privileges. -  // -  // file=Stdio.File(); -  // if(!file->open(f,"r") || !(data=file->read())) +    #ifdef THREADS -  if (mixed err = catch -  { -  string host = ""; -  sscanf( f, "http://%[^/]", host ); +  if (sscanf( f, "http://%[^/]", string host ) || +  sscanf (f, "https://%[^/]", host)) {    if( sscanf( host, "%*s:%*d" ) != 2)    host += ":80"; -  mapping hd = -  ([ +  mapping hd = ([    "User-Agent":version(),    "Host":host,    ]); -  +  if (mixed err = catch {    data = Protocols.HTTP.get_url_data( f, 0, hd );    })    werror (describe_backtrace (err)); -  +  }   #endif    if( !data )    return 0;    }    }    id->misc->_load_image_called = 0;    if(!data) return 0;    return low_decode_image( data );   }