1.修改js注入页面显示无效字符问题
This commit is contained in:
fengweihao
@@ -619,8 +619,8 @@ void policy_table_new_cb(int table_id, const char* key, const char* table_line,
|
||||
ply_obj->tpl = ctemplate::Template::GetTemplate(profile_path, ctemplate::DO_NOT_STRIP);
|
||||
}else
|
||||
{
|
||||
ply_obj->profile_msg = rt_read_file(profile_path, &ply_obj->msg_len);
|
||||
if (ply_obj->profile_msg == NULL || ply_obj->msg_len == 0)
|
||||
ply_obj->profile_msg = execute_read_file(profile_path, &ply_obj->msg_len);
|
||||
if (ply_obj->profile_msg == NULL)
|
||||
{
|
||||
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Read file failed %d:%s:%s", cfg_id, profile_name, profile_path);
|
||||
}
|
||||
@@ -1149,13 +1149,14 @@ static int html_generate(int cfg_id, const char* msg, char ** page_buff, size_t
|
||||
else
|
||||
{
|
||||
*page_size = ply_obj->msg_len;
|
||||
*page_buff = tfe_strdup(ply_obj->profile_msg);
|
||||
*page_buff = ply_obj->profile_msg;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
static void html_free(char ** page_buff)
|
||||
{
|
||||
if (*page_buff)
|
||||
FREE(page_buff);
|
||||
return;
|
||||
}
|
||||
@@ -1329,22 +1330,22 @@ void http_replace(const struct tfe_stream * stream, const struct tfe_http_sessio
|
||||
static void http_reject(const struct tfe_http_session * session, enum tfe_http_event events,
|
||||
struct pangu_http_ctx * ctx)
|
||||
{
|
||||
int resp_code = 0, ret = 0;
|
||||
int resp_code = 0;
|
||||
struct tfe_http_half * response = NULL;
|
||||
char * page_buff = NULL;
|
||||
size_t page_size = 0;
|
||||
|
||||
char cont_len_str[16];
|
||||
|
||||
char msg[TFE_STRING_MAX] = "";
|
||||
char *msg = NULL;
|
||||
struct tfe_http_session * to_write_sess = NULL;
|
||||
|
||||
ret = sscanf(ctx->enforce_para, "code=%d;content=%[^\n]", &resp_code, msg);
|
||||
if (ret != 1 && ret != 2)
|
||||
{
|
||||
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid reject rule %d paramter %s",
|
||||
ctx->enforce_rules[0].config_id, ctx->enforce_para);
|
||||
struct plolicy_param *param = ctx->param;
|
||||
|
||||
resp_code = param->status_code;
|
||||
msg = param->message;
|
||||
if (resp_code <= 0 || msg != NULL){
|
||||
TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid block rule %d", ctx->enforce_rules[0].config_id);
|
||||
ctx->action = PG_ACTION_NONE;
|
||||
return;
|
||||
}
|
||||
@@ -1502,7 +1503,7 @@ static void http_hijack(const struct tfe_http_session * session, enum tfe_http_e
|
||||
size_t page_size = ply_obj->msg_len;
|
||||
|
||||
size_t frag_size=8192; size_t sendlen=0;
|
||||
unsigned char body_frag[frag_size];
|
||||
unsigned char body_frag[frag_size + 1];
|
||||
|
||||
tfe_http_session_response_set(to_write_sess, response);
|
||||
tfe_http_half_write_body_begin(response, 1);
|
||||
|
||||
@@ -78,23 +78,55 @@ strtok_r_esc(char * s, const char delim, char ** save_ptr)
|
||||
return s;
|
||||
}
|
||||
|
||||
char *rt_read_file(const char* filename, size_t *input_sz)
|
||||
char *execute_read_file(const char *filename, size_t *filelen)
|
||||
{
|
||||
FILE* fp=NULL;
|
||||
struct stat file_info;
|
||||
stat(filename, &file_info);
|
||||
*input_sz=file_info.st_size;
|
||||
FILE *file = NULL;
|
||||
long length = 0;
|
||||
char *content = NULL;
|
||||
size_t read_chars = 0;
|
||||
|
||||
fp=fopen(filename,"r");
|
||||
if(fp==NULL)
|
||||
file = fopen(filename, "rb");
|
||||
if (file == NULL)
|
||||
{
|
||||
return NULL;
|
||||
goto cleanup;
|
||||
}
|
||||
if (fseek(file, 0, SEEK_END) != 0)
|
||||
{
|
||||
goto cleanup;
|
||||
}
|
||||
length = ftell(file);
|
||||
if (length < 0)
|
||||
{
|
||||
goto cleanup;
|
||||
}
|
||||
if (fseek(file, 0, SEEK_SET) != 0)
|
||||
{
|
||||
goto cleanup;
|
||||
}
|
||||
char* data=(char*)malloc((*input_sz));
|
||||
fread(data,1,*input_sz,fp);
|
||||
fclose(fp);
|
||||
|
||||
return data;
|
||||
/* allocate content buffer */
|
||||
content = (char*)malloc((size_t)length + sizeof(""));
|
||||
if (content == NULL)
|
||||
{
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
/* read the file into memory */
|
||||
read_chars = fread(content, sizeof(char), (size_t)length, file);
|
||||
if ((long)read_chars != length)
|
||||
{
|
||||
free(content);
|
||||
content = NULL;
|
||||
goto cleanup;
|
||||
}
|
||||
*filelen = read_chars;
|
||||
content[read_chars] = '\0';
|
||||
cleanup:
|
||||
if (file != NULL)
|
||||
{
|
||||
fclose(file);
|
||||
}
|
||||
return content;
|
||||
}
|
||||
size_t __attribute__((__unused__))
|
||||
format_replace_rule(const char * exec_para, struct replace_rule * replace, size_t n_replace)
|
||||
@@ -262,14 +294,14 @@ size_t insert_string(char * in, size_t in_sz, const char *insert_on, const char
|
||||
|
||||
if (0==strcasecmp(type, "css"))
|
||||
{
|
||||
target_size = in_sz+strlen(stype)+css_type_len;
|
||||
target = ALLOC(char, target_size);
|
||||
target_size = in_sz+strlen(stype)+1+css_type_len;
|
||||
target = ALLOC(char, target_size + 1);
|
||||
}
|
||||
|
||||
if (0==strcasecmp(type, "js"))
|
||||
{
|
||||
target_size = in_sz+strlen(stype)+js_type_len;
|
||||
target = ALLOC(char, target_size);
|
||||
target_size = in_sz+strlen(stype)+1+js_type_len;
|
||||
target = ALLOC(char, target_size + 1);
|
||||
}
|
||||
|
||||
if (insert_on != NULL && 0==strcasecmp(insert_on, "after-page-load"))
|
||||
@@ -283,22 +315,24 @@ size_t insert_string(char * in, size_t in_sz, const char *insert_on, const char
|
||||
size_t style_len = 0; char *style_msg = NULL;
|
||||
if (0==strcasecmp(type, "js"))
|
||||
{
|
||||
style_len = strlen(stype)+js_type_len+1;
|
||||
style_len = strlen(stype)+1+js_type_len;
|
||||
style_msg = ALLOC(char, style_len);
|
||||
snprintf(style_msg, style_len, "<script type=\"text/javascript\" class=\"RQ_SCRIPT\">%s</script>", stype);
|
||||
}
|
||||
if (0==strcasecmp(type, "css"))
|
||||
{
|
||||
style_len = strlen(stype)+css_type_len+1;
|
||||
style_len = strlen(stype)+1+css_type_len;
|
||||
style_msg = ALLOC(char, style_len);
|
||||
snprintf(style_msg, style_len, "<style type=\"text/css\" class=\"RQ_SCRIPT\">%s</style>\n", stype);
|
||||
snprintf(style_msg, style_len, "<style type=\"text/css\" class=\"RQ_SCRIPT\">%s</style>", stype);
|
||||
}
|
||||
strncat(target, style_msg, target_size);
|
||||
|
||||
strncat(target, style_msg, MIN(style_len, target_size));
|
||||
free(style_msg);
|
||||
style_msg = NULL;
|
||||
strncat(target, head_string, target_size);
|
||||
strncat(target, head_string, (target_size - (head_string-in) - style_len));
|
||||
target[target_size-1] = '\0';
|
||||
outlen = target_size;
|
||||
*out = target;
|
||||
outlen = strlen(target) + 1;
|
||||
}else
|
||||
{
|
||||
free(target);
|
||||
@@ -315,12 +349,13 @@ size_t execute_insert_rule(char * in, size_t in_sz, const struct insert_rule * r
|
||||
|
||||
void simple_replace(const char* find, const char* replacement, const char* input, size_t in_sz, char** output, size_t *output_sz)
|
||||
{
|
||||
size_t n_got_rule=1;
|
||||
char* exec_para=NULL;
|
||||
asprintf(&exec_para,"zone=http_resp_body;substitute=/%s/%s", find, replacement);
|
||||
size_t n_got_rule=0;
|
||||
struct replace_rule rules[16];
|
||||
rules[0].zone = kZoneResponseBody;
|
||||
rules[0].find = tfe_strdup(find);
|
||||
rules[0].replace_with = tfe_strdup(replacement);
|
||||
n_got_rule=format_replace_rule(exec_para, rules, sizeof(rules)/sizeof(rules[0]));
|
||||
*output_sz=execute_replace_rule(input, strlen(input), kZoneResponseBody, rules, n_got_rule, output);
|
||||
free(exec_para);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@@ -37,6 +37,6 @@ size_t insert_string(char * in, size_t in_sz, const char *insert_on, const char
|
||||
void simple_replace(const char* find, const char* replacement, const char* input, size_t in_sz, char** output, size_t *output_sz);
|
||||
|
||||
enum replace_zone zone_name_to_id(const char * name);
|
||||
char *rt_read_file(const char* filename, size_t *input_sz);
|
||||
char *execute_read_file(const char *filename, size_t *filelen);
|
||||
|
||||
|
||||
|
||||
@@ -120,13 +120,11 @@ TEST(PatternInsert, CSS)
|
||||
char *input=NULL, *output=NULL;
|
||||
size_t output_sz=0, input_sz = 0;
|
||||
|
||||
input = rt_read_file(filename, &input_sz);
|
||||
input = execute_read_file(filename, &input_sz);
|
||||
EXPECT_TRUE(input_sz>0);
|
||||
|
||||
output_sz = insert_string(input, input_sz, NULL, custom, "css", &output);
|
||||
|
||||
//printf("output = %s\n", output);
|
||||
|
||||
EXPECT_TRUE(output_sz>0);
|
||||
EXPECT_TRUE(NULL!=strstr(output, custom));
|
||||
free(output);
|
||||
@@ -141,19 +139,14 @@ TEST(PatternInsert, after_body)
|
||||
char *input=NULL, *output=NULL;
|
||||
size_t output_sz=0, input_sz = 0;
|
||||
|
||||
input = rt_read_file(filename, &input_sz);
|
||||
input = execute_read_file(filename, &input_sz);
|
||||
EXPECT_TRUE(input_sz>0);
|
||||
|
||||
output_sz = insert_string(input, input_sz, "after-page-load", custom, "js", &output);
|
||||
|
||||
//printf("%s\n", output);
|
||||
|
||||
EXPECT_TRUE(output_sz>0);
|
||||
EXPECT_TRUE(NULL!=strstr(output, custom));
|
||||
|
||||
free(input);
|
||||
free(output);
|
||||
output = NULL;
|
||||
}
|
||||
|
||||
TEST(PatternInsert, before_body)
|
||||
@@ -164,18 +157,14 @@ TEST(PatternInsert, before_body)
|
||||
char *input=NULL, *output=NULL;
|
||||
size_t output_sz=0, input_sz = 0;
|
||||
|
||||
input = rt_read_file(filename, &input_sz);
|
||||
input = execute_read_file(filename, &input_sz);
|
||||
EXPECT_TRUE(input_sz>0);
|
||||
|
||||
output_sz = insert_string(input, input_sz, "before-page-load", custom, "js", &output);
|
||||
//printf("%s\n", output);
|
||||
|
||||
EXPECT_TRUE(output_sz>0);
|
||||
EXPECT_TRUE(NULL!=strstr(output, custom));
|
||||
|
||||
free(input);
|
||||
free(output);
|
||||
output = NULL;
|
||||
}
|
||||
|
||||
int main(int argc, char ** argv)
|
||||
|
||||
Reference in New Issue
Block a user