X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/ea244ab7b53afbd710dab267ca9a8fb9f17cfb00..da5d29f95f6e693e8c14be1b896cf25cf4fdb3c0:/IkiWiki/Plugin/getsource.pm diff --git a/IkiWiki/Plugin/getsource.pm b/IkiWiki/Plugin/getsource.pm index 1b7eb56c6..d1555430e 100644 --- a/IkiWiki/Plugin/getsource.pm +++ b/IkiWiki/Plugin/getsource.pm @@ -42,22 +42,24 @@ sub pagetemplate (@) { sub cgi_getsource ($) { my $cgi=shift; - # Note: we use sessioncgi rather than just cgi - # because we need $IkiWiki::pagesources{} to be - # populated. - - return unless (defined $cgi->param('do') && - $cgi->param("do") eq "getsource"); + return unless defined $cgi->param('do') && + $cgi->param("do") eq "getsource"; IkiWiki::decode_cgi_utf8($cgi); my $page=$cgi->param('page'); + if (! defined $page || $page !~ /$config{wiki_file_regexp}/) { + error("invalid page parameter"); + } + + # For %pagesources. IkiWiki::loadindex(); - if (! exists $IkiWiki::pagesources{$page}) { + if (! exists $pagesources{$page}) { IkiWiki::cgi_custom_failure( - $cgi->header(-status => "404 Not Found"), + $cgi, + "404 Not Found", IkiWiki::misctemplate(gettext("missing page"), "
". sprintf(gettext("The page %s does not exist."), @@ -66,7 +68,7 @@ sub cgi_getsource ($) { exit; } - if (! defined pagetype($IkiWiki::pagesources{$page})) { + if (! defined pagetype($pagesources{$page})) { IkiWiki::cgi_custom_failure( $cgi->header(-status => "403 Forbidden"), IkiWiki::misctemplate(gettext("not a page"), @@ -77,18 +79,14 @@ sub cgi_getsource ($) { exit; } - my $data = IkiWiki::readfile(IkiWiki::srcfile($IkiWiki::pagesources{$page})); - if (! $config{getsource_mimetype}) { $config{getsource_mimetype} = "text/plain; charset=utf-8"; } print "Content-Type: $config{getsource_mimetype}\r\n"; - print ("\r\n"); + print readfile(srcfile($pagesources{$page})); - print $data; - exit 0; }