diff options
| author | Eric Wong <e@80x24.org> | 2014-04-12 01:06:58 +0000 |
|---|---|---|
| committer | Eric Wong <e@80x24.org> | 2014-04-12 01:21:23 +0000 |
| commit | 59438d115d1cf52d12258b5d94bae5219daaae41 (patch) | |
| tree | c62e512a10d5e9e9361319dbc3f30312be185292 | |
| parent | c4e1a5af31e924077568823ef83d00d1462f5f12 (diff) | |
| download | public-inbox-59438d115d1cf52d12258b5d94bae5219daaae41.tar.gz | |
MIDs may have strange characters in them, so we need to handle escaping/unescaping properly to avoid broken links or worse.
| -rwxr-xr-x | public-inbox.cgi | 3 | ||||
| -rw-r--r-- | t/cgi.t | 39 |
2 files changed, 38 insertions, 4 deletions
diff --git a/public-inbox.cgi b/public-inbox.cgi index 313a4f22..1765cf45 100755 --- a/public-inbox.cgi +++ b/public-inbox.cgi @@ -15,6 +15,7 @@ use warnings; use CGI qw(:cgi :escapeHTML -nosticky); # PSGI/FastCGI/mod_perl compat use Encode qw(decode_utf8); use PublicInbox::Config; +use URI::Escape qw(uri_unescape); use Digest::SHA qw(sha1_hex); our $LISTNAME_RE = qr!\A(?:/.*?)?/([\w\.\-]+)!; our $pi_config; @@ -102,7 +103,7 @@ sub invalid_list { sub invalid_list_mid { my ($ctx, $listname, $mid) = @_; my $ret = invalid_list($ctx, $listname, $mid) and return $ret; - $ctx->{mid} = $mid; + $ctx->{mid} = uri_unescape($mid); undef; } @@ -39,9 +39,9 @@ my $cfgpfx = "publicinbox.test"; } } +my $failbox = "$home/fail.mbox"; +local $ENV{PI_FAILBOX} = $failbox; { - my $failbox = "$home/fail.mbox"; - local $ENV{PI_FAILBOX} = $failbox; local $ENV{HOME} = $home; local $ENV{RECIPIENT} = $addr; @@ -126,9 +126,35 @@ EOF # more checks in t/feed.t } +# message-id pages { local $ENV{HOME} = $home; - my $res = cgi_run("/test/m/blahblah\@example.com.txt"); + my $slashy_mid = 'slashy/asdf@example.com'; + my $reply = Email::Simple->new(<<EOF); +From: You <you\@example.com> +To: Me <me\@example.com> +Cc: $addr +In-Reply-To: <blah\@example.com> +Message-Id: <$slashy_mid> +Subject: Re: hihi +Date: Thu, 01 Jan 1970 00:00:01 +0000 + +slashy +EOF + my $in = $reply->as_string; + + { + local $ENV{HOME} = $home; + local $ENV{RECIPIENT} = $addr; + run_with_env({PATH => $main_path}, [$mda], \$in); + } + local $ENV{GIT_DIR} = $maindir; + + my $res = cgi_run("/test/m/slashy%2fasdf%40example.com.txt"); + like($res->{body}, qr/Message-Id: <\Q$slashy_mid\E>/, + "slashy mid.txt hit"); + + $res = cgi_run("/test/m/blahblah\@example.com.txt"); like($res->{body}, qr/Message-Id: <blahblah\@example\.com>/, "mid.txt hit"); @@ -151,6 +177,13 @@ EOF like($res->{head}, qr/Status: 404 Not Found/, "mid.html miss"); } +{ + local $ENV{HOME} = $home; + my $res = cgi_run("/test/"); + like($res->{body}, qr/slashy%2Fasdf%40example\.com/, + "slashy URL generated correctly"); +} + done_testing(); sub run_with_env { |