joes 2004/08/08 14:24:01
Modified: glue/perl/docs Error.pod Request.pod Table.pod
src apreq_cookie.c
Log:
Add length enforcement back to bake(2), and add minor fixups to the perl docs.
Revision Changes Path
1.8 +16 -5 httpd-apreq-2/glue/perl/docs/Error.pod
Index: Error.pod
===================================================================
RCS file: /home/cvs/httpd-apreq-2/glue/perl/docs/Error.pod,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Error.pod 5 Aug 2004 18:11:46 -0000 1.7
+++ Error.pod 8 Aug 2004 21:24:01 -0000 1.8
@@ -11,7 +11,7 @@
$r = APR::Pool->new;
$req = Apache::Request->new($r);
$req->body_status(0);
- $req->parse;
+ $req->parse; # XXX sets up body table
$u = Apache::Upload->new($r, name => "foo", file => __FILE__);
$req->body->add($u);
$jar = Apache::Cookie::Jar->new($r);
@@ -60,7 +60,8 @@
=head1 Apache::Request::Error
-detects param parsing errors
+These exceptions are derived from APR::Error and Apache::Request,
+and indicate that an error occurred during param parsing.
=for example begin
@@ -73,9 +74,12 @@
+
=head1 Apache::Upload::Error
-detects errors during interaction with the filesystem.
+These exceptions are derived from APR::Error and Apache::Upload,
+and indicate that some Apache::Upload method failed (often caused
+by a filesystem error).
=for example begin
@@ -88,9 +92,12 @@
+
=head1 Apache::Cookie::Jar::Error
-detects cookie parsing errors
+These exceptions are derived from APR::Error and Apache::Cookie::Jar,
+and indicate that the cookie parser failed to successfully parse the
+incoming Cookie header.
=for example begin
@@ -106,8 +113,12 @@
=head1 Apache::Cookie::Error
-detects bad cookies (usually during bake or bake2).
+These exceptions are derived from APR::Error and Apache::Cookie.
+Their presence indicates that an Apache::Cookie method failed.
+Typically they are caused by
+ 1) attempting to bake(2) a non-compliant cookie,
+ 2) attempting to set an unsupported cookie attribute.
=for example begin
1.10 +24 -5 httpd-apreq-2/glue/perl/docs/Request.pod
Index: Request.pod
===================================================================
RCS file: /home/cvs/httpd-apreq-2/glue/perl/docs/Request.pod,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- Request.pod 5 Aug 2004 18:11:46 -0000 1.9
+++ Request.pod 8 Aug 2004 21:24:01 -0000 1.10
@@ -342,7 +342,14 @@
An optional name parameter can be passed to return the POST data
parameter associated with the given name:
- my $param = $req->body($name);
+=for example begin
+
+ my $foo_body = $req->body("foo");
+
+=for example end
+
+=for example_testing
+ is $foo_body, __FILE__;
More generally, C<body()> follows the same pattern as C<param()>
with respect to its return values and argument list. The main difference
@@ -367,9 +374,14 @@
my $upload = $req->upload($name);
+More generally, C<upload()> follows the same pattern as C<param()>
+with respect to its return values and argument list. The main difference
+is that its returned values are Apache::Upload object refs, not
+simple scalars.
+
Note: modifications to the C<< scalar $req->upload() >> table only
affect the returned table object (the underlying C apr_table_t is
-generated by apreq_uploads()). They do not affect the actual request
+I<generated> by apreq_uploads()). They do not affect the actual request
data, and will not be seen by other libapreq2 applications.
@@ -392,6 +404,7 @@
=head2 body_status
$req->body_status()
+ $req->body_status($set)
Get/set the current I<APR> status code of the parsed POST data.
APR_SUCCESS when parser has completed, APR_INCOMPLETE if parser
@@ -409,7 +422,11 @@
In scalar context, this returns C<args_status> if there was
an error during the query-string parse, otherwise this returns
-C<body_status>. In list context this returns the list
+C<body_status>, ie
+
+ $req->args_status || $req->body_status
+
+In list context C<param_status> returns the list
C<(args_status, body_status)>.
=for testing
@@ -430,9 +447,11 @@
query-string or body parser fail. In all other contexts it will
return the two parsers' combined I<APR> status code
- $req->body_status || $req->args_status
+ $req->body_status || $req->args_status
+
+=for testing
+ is $req->parse, $req->body_status || $req->args_status;
-(see L<param_status> for the alternate order).
However C<parse> should be avoided in most normal situations. For example,
in a mod_perl content handler it is more efficient to write
1.9 +4 -4 httpd-apreq-2/glue/perl/docs/Table.pod
Index: Table.pod
===================================================================
RCS file: /home/cvs/httpd-apreq-2/glue/perl/docs/Table.pod,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- Table.pod 8 Aug 2004 18:42:06 -0000 1.8
+++ Table.pod 8 Aug 2004 21:24:01 -0000 1.9
@@ -23,8 +23,8 @@
{
my $do_data = "";
- $table->do( sub { $do_data .= "@_"; 1 } );
- ok $do_data eq "test 1foo bar1foo bar2";
+ $table->do( sub { $do_data .= "@_,"; 1 } );
+ ok $do_data eq "test 1,foo bar1,foo bar2,";
}
=for example end
@@ -92,8 +92,8 @@
=head1 Apache::Cookie::Table
These tables arise from the C<cookies> method of Apache::Cookie::Jar, and
-their values are Apache::Cookie objects.
-
+their values are Apache::Cookie objects (or Apache::Cookie derived objects-
+see the discussion of C<VALUE_CLASS> in L<Apache::Cookie>).
=for example begin
1.34 +21 -6 httpd-apreq-2/src/apreq_cookie.c
Index: apreq_cookie.c
===================================================================
RCS file: /home/cvs/httpd-apreq-2/src/apreq_cookie.c,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- apreq_cookie.c 4 Aug 2004 17:40:54 -0000 1.33
+++ apreq_cookie.c 8 Aug 2004 21:24:01 -0000 1.34
@@ -546,20 +546,35 @@
APREQ_DECLARE(apr_status_t) apreq_cookie_bake(const apreq_cookie_t *c,
void *env)
{
- char *s = apreq_cookie_as_string(c,apreq_env_pool(env));
- return apreq_env_set_cookie(env, s);
+ char s[APREQ_COOKIE_MAX_LENGTH];
+ int len = apreq_cookie_serialize(c, s, APREQ_COOKIE_MAX_LENGTH);
+ if (len < APREQ_COOKIE_MAX_LENGTH)
+ return apreq_env_set_cookie(env, s);
+
+ apreq_log(APREQ_ERROR APR_INCOMPLETE, env,
+ "serialized cookie length exceeds limit %d",
+ APREQ_COOKIE_MAX_LENGTH - 1);
+ return APR_INCOMPLETE;
}
APREQ_DECLARE(apr_status_t) apreq_cookie_bake2(const apreq_cookie_t *c,
void *env)
{
- char *s;
- s = apreq_cookie_as_string(c, apreq_env_pool(env));
+ char s[APREQ_COOKIE_MAX_LENGTH];
+ if ( c->version != NETSCAPE ) {
+ int len = apreq_cookie_serialize(c, s, APREQ_COOKIE_MAX_LENGTH);
+ if (len < APREQ_COOKIE_MAX_LENGTH)
+ return apreq_env_set_cookie2(env, s);
- if ( c->version != NETSCAPE )
- return apreq_env_set_cookie2(env, s);
+ apreq_log(APREQ_ERROR APR_INCOMPLETE, env,
+ "serialized cookie length exceeds limit %d",
+ APREQ_COOKIE_MAX_LENGTH - 1);
+ return APR_INCOMPLETE;
+ }
apreq_log(APREQ_ERROR APR_EGENERAL, env,
"Cannot bake2 a Netscape cookie: %s", s);
+
+
return APR_EGENERAL;
}
