Update of /cvsroot/mhonarc/mharc/lib/MHArc
In directory subversions:/tmp/cvs-serv16570/lib/MHArc
Modified Files:
CGI.pm
Log Message:
* Changes to close a potential backdoor to accessing raw mail messages
for archives specified wiht "No-Raw-Link: 1". web-archive now
creates a file called ".noraw" in the archive mbox directories with
no-raw-linke enabled. extract-mesg.cgi checks for this, and if found
will return a forbidden status.
Index: CGI.pm
===================================================================
RCS file: /cvsroot/mhonarc/mharc/lib/MHArc/CGI.pm,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** CGI.pm 3 Sep 2002 16:30:47 -0000 1.1
--- CGI.pm 18 Sep 2002 17:23:29 -0000 1.2
***************
*** 32,35 ****
--- 32,36 ----
&print_content_type
&print_error
+ &print_forbidden
&print_input_error
&print_location
***************
*** 74,78 ****
--- 75,86 ----
}
+ sub print_forbidden {
+ print STDOUT 'Status: 403 Forbidden', "\r\n";
+ print_content_type('text/plain');
+ print STDOUT "Access Denied\n";
+ }
+
sub print_input_error {
+ print STDOUT 'Status: 400 Bad Request', "\r\n";
print_content_type('text/plain');
print STDOUT "Input Error\n";
***************
*** 85,90 ****
sub print_not_found_error {
print_content_type('text/plain');
! print STDOUT "Message Not Found\n";
}
--- 93,99 ----
sub print_not_found_error {
+ print STDOUT 'Status: 404 Not Found', "\r\n";
print_content_type('text/plain');
! print STDOUT "Not Found\n";
}
***************
*** 95,99 ****
sub print_content_type {
my($type) = shift;
! print STDOUT "Content-type: $type\n\n";
}
--- 104,108 ----
sub print_content_type {
my($type) = shift;
! print STDOUT "Content-type: $type\r\n\r\n";
}
---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV