Blank chars query parsing from mini_httpd-1.30_170

[f54rog]

After the October updates, the info regarding the line has disappeared from the Ancistrus Home page.
Any suggestions?
Thanks in advanc

e

[negan07]

There's something missing maybe: partition usage @74% is too low. Rescue firmware never went under 80% usage.

Has something been removed manually ?

[f54rog]

Yes I have removed some packages, I show you which are the remaining N ° 22.
Can you tell me which one is missing to be able to see the status line

[negan07]

All the packages are up to date except samba, the larger, maybe removed.

the guiinfo.sh script is not invoked before loading the page

running manually:
guiinfo.sh
from telnet/ssh
and then loading the webpage should show the full status line: please confirm it.

[f54rog]

Hi Negan
I did what you suggested and now everything is ok
Thanks

[negan07]

Found the bug, related to a wrong string chars interpreter on javascript, fixed on the next core upgrade.

The trick suggested is valid only until next device reboot only.

To fix permanently:

opkg update && opkg install ancistrus-core

If possible, to investigate on 74% on rootfs usage only, can you please post the result of the cmd:

df

[f54rog]

Hi I have installed the new core package v1.7.2
now the bug is fix.
I attach the "df" report

[negan07]

It looks regular (suspected a different NAND dom...): maybe the absence of samba 3.6.25 and minidlna mediaserver has boosted free space up.

[f54rog]

Yes, if I remember correctly, before deleting some packages the percentage of space occupied was about 80-82% Il giorno sab 23 ott 2021 alle ore 21:14 negan07 ***@***.***> ha scritto:

…

It looks regular (suspected a different NAND dom...): maybe the absence of samba 3.6.25 and minidlna mediaserver has boosted free space up. — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#86 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AMCPRQILN7ICYIC4Y5POLS3UIMCRBANCNFSM5GJBKBPQ> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.

[negan07]

Reopen because further investigations have found out at least 2 more issues.

openssh keys download button

core setup utilities download nvram button

With the recap page stats above, all seem related to vendor's latest mini_httpd modifications, here added.

D7000_V1.0.1.82_apps_mini_httpd-1.17beta1-000-all.zip

In particular:

@@ -1493,15 +1510,136 @@
  */
 int path_exist(char *path, char *paths[], char *method_str)
 {
-	int i;
-
-	for (i = 0; paths[i]; i++)
+	if ((strcasestr(path, "%2") !=NULL) || (strcasestr(path, "%3") != NULL))
+	{	
+		SC_CFPRINTF("path:%s\n", path);
+		strdecode(path, path);		
+		SC_CFPRINTF("path after decode: %s\n", path);
+	}

involving in fact, all the location.href method calls on the webpages, with blanks.

[negan07]

In the latest mini_httpd own snapshot, the vendor opted to decode query path on some special code chars (beginning with 2 & 3 code num): this involves query GET methods avoiding blank char spaces ( %20 ): for this reason, since now, all the query get string like href must encode blank with +

openssh & core package updates fixes related involved webpages.

[negan07]

The 1.0.1.84 latest mini_httpd patch update has removed also:

if ((strcasestr(path, "%2") !=NULL) || (strcasestr(path, "%3") != NULL))

condition, decoding all the paths in any case