Skip to content
Newer
Older
100644 42 lines (34 sloc) 939 Bytes
6377222 @klacke ""
authored
1
2 <erl>
3
4 out(A) ->
5 H = yaws_api:ssi(A#arg.docroot, ["/HEAD", "/TOPTAB"]),
6 Q = A#arg.querydata,
d85b418 @klacke security bug found by jcortner@cvol.net
authored
7 P = yaws_api:parse_query(A),
6377222 @klacke ""
authored
8 io:format("P = ~p~n", [P]),
9 L = case lists:keysearch(page, 1, P) of
d85b418 @klacke security bug found by jcortner@cvol.net
authored
10 {value, {page, Page}} ->
11 %% only allow regular chars in Page
12 case lists:all(fun(C) ->
13 if
14 $a =< C, C =< $z ->
15 true;
16 $A =< C, C =< $Z ->
17 true;
8b75f8b @klacke Fixed probles with paths that had a query part ending up in the cache
authored
18 C == $_ ->
19 true;
d85b418 @klacke security bug found by jcortner@cvol.net
authored
20 true ->
21 false
22 end
23 end, Page) of
24 true ->
25 os:cmd("man " ++ Page ++ " | col -b");
08d72ff Added illegal character check to input to man page command to stop cr…
Johan Bevemyr authored
26 false ->
8b75f8b @klacke Fixed probles with paths that had a query part ending up in the cache
authored
27 io:format("XX ~s~n",[Page]),
28
29
30
31
d85b418 @klacke security bug found by jcortner@cvol.net
authored
32 "illegal character detected in query arg"
08d72ff Added illegal character check to input to man page command to stop cr…
Johan Bevemyr authored
33 end;
34 false ->
35 "no man page found in query arg "
36 end,
6377222 @klacke ""
authored
37 Man = yaws_api:pre_ssi_string(L,"man"),
38 Trail = yaws_api:ssi(A#arg.docroot, ["/END"]),
39 [H, Man, Trail].
40
41 </erl>
Something went wrong with that request. Please try again.