projects
/
freeside.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
RT 4.0.22
[freeside.git]
/
rt
/
lib
/
RT
/
Interface
/
Web
/
Handler.pm
diff --git
a/rt/lib/RT/Interface/Web/Handler.pm
b/rt/lib/RT/Interface/Web/Handler.pm
index
a1784c2
..
7cf18d1
100644
(file)
--- a/
rt/lib/RT/Interface/Web/Handler.pm
+++ b/
rt/lib/RT/Interface/Web/Handler.pm
@@
-2,7
+2,7
@@
#
# COPYRIGHT:
#
#
# COPYRIGHT:
#
-# This software is Copyright (c) 1996-201
3
Best Practical Solutions, LLC
+# This software is Copyright (c) 1996-201
4
Best Practical Solutions, LLC
# <sales@bestpractical.com>
#
# (Except where explicitly superseded by other copyright notices)
# <sales@bestpractical.com>
#
# (Except where explicitly superseded by other copyright notices)
@@
-251,7
+251,6
@@
use CGI::Emulate::PSGI;
use Plack::Request;
use Plack::Response;
use Plack::Util;
use Plack::Request;
use Plack::Response;
use Plack::Util;
-use Encode qw(encode_utf8);
sub PSGIApp {
my $self = shift;
sub PSGIApp {
my $self = shift;
@@
-278,7
+277,7
@@
sub PSGIApp {
# CGI.pm normalizes .. out of paths so when you requested
# /NoAuth/../Ticket/Display.html we saw Ticket/Display.html
# PSGI doesn't normalize .. so we have to deal ourselves.
# CGI.pm normalizes .. out of paths so when you requested
# /NoAuth/../Ticket/Display.html we saw Ticket/Display.html
# PSGI doesn't normalize .. so we have to deal ourselves.
- if ( $req->path_info =~ m{
/\.
} ) {
+ if ( $req->path_info =~ m{
(^|/)\.\.?(/|$)
} ) {
$RT::Logger->crit("Invalid request for ".$req->path_info." aborting");
my $res = Plack::Response->new(400);
return $self->_psgi_response_cb($res->finalize,sub { $self->CleanupRequest });
$RT::Logger->crit("Invalid request for ".$req->path_info." aborting");
my $res = Plack::Response->new(400);
return $self->_psgi_response_cb($res->finalize,sub { $self->CleanupRequest });
@@
-328,7
+327,10
@@
sub _psgi_response_cb {
$cleanup->();
return '';
}
$cleanup->();
return '';
}
- return utf8::is_utf8($_[0]) ? encode_utf8($_[0]) : $_[0];
+ # XXX: Ideally, responses should flag if they need
+ # to be encoded, rather than relying on the UTF-8
+ # flag
+ return Encode::encode("UTF-8",$_[0]) if utf8::is_utf8($_[0]);
return $_[0];
};
});
return $_[0];
};
});