@@ -2308,7 +2308,7 @@ sub http_download
23082308$h = $main::download_timed_out if ($main::download_timed_out );
23092309if (!ref ($h )) {
23102310 if ($error ) { $$error = $h ; return ; }
2311- else { &error($h ); }
2311+ else { &error(&html_escape( $h ) ); }
23122312 }
23132313&complete_http_download($h , $dest , $error , $cbfunc , $osdn , $host , $port ,
23142314 $headers , $ssl , $nocache , $timeout );
@@ -2337,7 +2337,7 @@ sub complete_http_download
23372337 alarm(0);
23382338 &close_http_connection($h );
23392339 if ($error ) { ${$error} = $line ; return ; }
2340- else { &error(" Download failed : $line " ); }
2340+ else { &error(" Download failed : " .&html_escape( $line ) ); }
23412341 }
23422342my $rcode = $1 ;
23432343&$cbfunc (1, $rcode >= 300 && $rcode < 400 ? 1 : 0)
@@ -2383,7 +2383,8 @@ sub complete_http_download
23832383 # Assume relative to same dir .. not handled
23842384 &close_http_connection($h );
23852385 if ($error ) { ${$error} = " Invalid Location header $header {'location'}" ; return ; }
2386- else { &error(" Invalid Location header $header {'location'}" ); }
2386+ else { &error(" Invalid Location header " .
2387+ &html_escape($header {' location' })); }
23872388 }
23882389 else {
23892390 &close_http_connection($h );
@@ -2412,7 +2413,7 @@ sub complete_http_download
24122413 if (!&open_tempfile(PFILE, " >$destfile " , 1)) {
24132414 &close_http_connection($h );
24142415 if ($error ) { ${$error} = " Failed to write to $destfile : $! " ; return ; }
2415- else { &error(" Failed to write to $destfile : $! " ); }
2416+ else { &error(" Failed to write to " .&html_escape( $destfile ). " : " .&html_escape( " $! " ) ); }
24162417 }
24172418 binmode (PFILE); # For windows
24182419 while (defined ($buf = &read_http_connection($h , 1024))) {
0 commit comments