--- parser3/src/classes/file.C 2005/11/24 14:00:34 1.142 +++ parser3/src/classes/file.C 2006/10/31 17:16:10 1.145 @@ -5,7 +5,7 @@ Author: Alexandr Petrosian (http://paf.design.ru) */ -static const char * const IDENT_FILE_C="$Date: 2005/11/24 14:00:34 $"; +static const char * const IDENT_FILE_C="$Date: 2006/10/31 17:16:10 $"; #include "pa_config_includes.h" @@ -199,7 +199,7 @@ static void _load(Request& r, MethodPara VFile& self=GET_SELF(r, VFile); self.set(true/*tainted*/, file.str, file.length, user_file_name, vcontent_type); if(file.headers) - file.headers->for_each(_load_pass_param, &self.fields()); + file.headers->for_each(_load_pass_param, &self.fields()); } static void _create(Request& r, MethodParams& params) { @@ -356,10 +356,10 @@ static void _exec_cgi(Request& r, Method // $.others Append_env_pair_info info={&r.charsets, &env, 0}; { - // influence URLencoding of tainted pieces to String::L_URI lang - // main target -- $.QUERY_STRING + // influence tainting + // main target -- $.QUERY_STRING -- URLencoding of tainted pieces to String::L_URI lang Temp_client_charset temp(r.charsets, charset? *charset: r.charsets.source()); - user_env->for_each(append_env_pair, &info); + user_env->for_each(append_env_pair, &info); } // $.stdin if(info.vstdin) { @@ -380,8 +380,15 @@ static void _exec_cgi(Request& r, Method // argv from params ArrayString argv; if(params.count()>2) { - for(size_t i=2; i 0) { + argv+=new String(param.cstr_to_string_body(String::L_UNSPECIFIED, 0, &r.charsets), String::L_AS_IS); + } + } } // transcode if necessary