From owner-freebsd-cvsweb@FreeBSD.ORG Thu Feb 5 12:07:04 2004 Return-Path: Delivered-To: freebsd-cvsweb@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A84A416A4CE for ; Thu, 5 Feb 2004 12:07:04 -0800 (PST) Received: from iclub.com (www.ma.iclub.com [199.232.84.194]) by mx1.FreeBSD.org (Postfix) with SMTP id 35BE443D73 for ; Thu, 5 Feb 2004 12:06:09 -0800 (PST) (envelope-from gordon@iclub.com) Received: (qmail 30214 invoked from network); 5 Feb 2004 20:05:25 -0000 Received: from unknown (HELO gii) (gordon@199.232.84.212) by www.ma.iclub.com with SMTP; 5 Feb 2004 20:05:25 -0000 From: "Gordon Henriksen" To: Date: Thu, 5 Feb 2004 15:05:25 -0500 Organization: ICLUBcentral Inc. Message-ID: <016901c3ec23$64e97da0$d454e8c7@domain.ma.iclub.com> MIME-Version: 1.0 X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: [PATCH] Minimal support for paths with spaces X-BeenThere: freebsd-cvsweb@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS Web maintenance mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2004 20:07:04 -0000 The attached patch allows me to use cvsweb.cgi to browse folders and view/download files from my CVS repository which contain spaces in their filenames. Contrary to the comment in the source, cvs co -p with a space seems to work just fine: cvsweb.cgi simply wasn't unescaping $ENV{PATH_INFO}, and was as a result telling cvs to access "some+path" or "some%20path" instead of the correct "some path". I carped the y/// and s///e that the program uses to unescape QUERY_STRING and applied them to $pathinfo. I haven't noticed any ill effects whatsoever from this patch, but this is a brand new installation of the CGI (where a prohibition against spaces would be quite the deal-killer). I haven't explored all the cases where ${PATH_INFO} or derivative variables (e.g., $fullname) might be reincorporated into a URL without having been properly re-escaped. e.g., since $pathinfo and $fullpath are now unescaped, filenames with ?'s might now pose a problem if the program tries $r->redirect("$path/$fullpath"). Someone should do that. -- Gordon Henriksen IT Manager ICLUBcentral Inc. gordon@iclub.com P.S. - I'm not subscribed to freebsd-cvsweb@FreeBSD.org, so mail me privately if you expect any messages to reach me.