]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/getsource.pm
fix bugs in `find_src_files()`.
[git.ikiwiki.info.git] / IkiWiki / Plugin / getsource.pm
index db5614ec18081e1d4f877183acb370e855ee6aed..d1555430e82d83bbe61064d04b335cdf48a85317 100644 (file)
@@ -42,22 +42,24 @@ sub pagetemplate (@) {
 sub cgi_getsource ($) {
        my $cgi=shift;
 
-       # Note: we use sessioncgi rather than just cgi
-       # because we need %pagesources to be
-       # populated.
-
-       return unless (defined $cgi->param('do') &&
-                                       $cgi->param("do") eq "getsource");
+       return unless defined $cgi->param('do') &&
+                     $cgi->param("do") eq "getsource";
 
        IkiWiki::decode_cgi_utf8($cgi);
 
        my $page=$cgi->param('page');
 
+       if (! defined $page || $page !~ /$config{wiki_file_regexp}/) {
+               error("invalid page parameter");
+       }
+
+       # For %pagesources.
        IkiWiki::loadindex();
 
        if (! exists $pagesources{$page}) {
                IkiWiki::cgi_custom_failure(
-                       $cgi->header(-status => "404 Not Found"),
+                       $cgi,
+                       "404 Not Found",
                        IkiWiki::misctemplate(gettext("missing page"),
                                "<p>".
                                sprintf(gettext("The page %s does not exist."),
@@ -77,18 +79,14 @@ sub cgi_getsource ($) {
                exit;
        }
 
-       my $data = readfile(srcfile($pagesources{$page}));
-
        if (! $config{getsource_mimetype}) {
                $config{getsource_mimetype} = "text/plain; charset=utf-8";
        }
 
        print "Content-Type: $config{getsource_mimetype}\r\n";
-
        print ("\r\n");
+       print readfile(srcfile($pagesources{$page}));
 
-       print $data;
-       
        exit 0;
 }