diff options
author | makefu <github@syntax-fehler.de> | 2013-09-02 21:34:09 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2013-09-02 21:34:09 +0200 |
commit | 4a150dd91c25ff36e1604fedb5354033d90a2049 (patch) | |
tree | 61a312e673386b9f1e71c66147141e8648ab407f /util | |
parent | 4f8ac29f0ca730d48212282605cd61c654a42529 (diff) |
sanitize uriparse output
Diffstat (limited to 'util')
-rwxr-xr-x | util/bin/uriparse | 16 | ||||
-rwxr-xr-x | util/t/uriparse/parse-retard-uri | 13 | ||||
-rwxr-xr-x | util/t/uriparse/parse-url | 5 |
3 files changed, 24 insertions, 10 deletions
diff --git a/util/bin/uriparse b/util/bin/uriparse index 685b1ab1..b16bd9c8 100755 --- a/util/bin/uriparse +++ b/util/bin/uriparse @@ -1,6 +1,6 @@ #!/usr/bin/python -import os -from sys import argv,exit +from sys import argv, exit + def uri_parser(uri): try: @@ -17,12 +17,12 @@ if __name__ == "__main__": print('usage: %s URI') exit(1) u = uri_parser(uri) - - print('SCHEME="%s"' % u.scheme) + + print("SCHEME='%s'" % u.scheme.replace("'", "'\\''")) if u.username: - print('USERNAME="%s"' % u.username) + print("USERNAME='%s'" % u.username.replace("'", "'\\''")) if u.password: - print('PASSWORD="%s"' % u.password) + print("PASSWORD='%s'" % u.password.replace("'", "'\\''")) if u.path: - print('URIPATH="%s"' % u.path) - print('HOSTNAME="%s"' % u.hostname) + print("URIPATH='%s'" % u.path.replace("'", "'\\''")) + print("HOSTN='%s'" % u.hostname.replace("'", "'\\''")) diff --git a/util/t/uriparse/parse-retard-uri b/util/t/uriparse/parse-retard-uri new file mode 100755 index 00000000..14aab28e --- /dev/null +++ b/util/t/uriparse/parse-retard-uri @@ -0,0 +1,13 @@ +#!/bin/sh +set -euf +tempfile="`mktemp /tmp/test.XXXXXXXX`" +trap "/bin/rm -f $tempfile" EXIT INT + +uriparse "http://'lolwut:\"khan@domain.tld/'''" > $tempfile +. $tempfile +[ $HOSTN == "domain.tld" ] && \ + [ "$USERNAME" == "'lolwut" ] && \ + [ "$PASSWORD" == '"khan' ] && \ + [ "$URIPATH" == "/'''" ] + + diff --git a/util/t/uriparse/parse-url b/util/t/uriparse/parse-url index 153afb4a..b0c926ca 100755 --- a/util/t/uriparse/parse-url +++ b/util/t/uriparse/parse-url @@ -3,10 +3,11 @@ set -euf tempfile="`mktemp /tmp/test.XXXXXXXX`" trap "/bin/rm -f $tempfile" EXIT INT -urlparse "http://user:pass@domain.tld/path" > $tempfile +uriparse "http://user:pass@domain.tld/path" > $tempfile . $tempfile -[ $HOSTNAME == "domain.tld" ] && \ +[ $HOSTN == "domain.tld" ] && \ [ $USERNAME == "user" ] && \ [ $PASSWORD == "pass" ] && \ [ $URIPATH == "/path" ] + |