Change 33568 by [EMAIL PROTECTED] on 2008/03/26 03:18:01
Upgrade to CGI-3.35.
Affected files ...
... //depot/perl/lib/CGI.pm#77 edit
... //depot/perl/lib/CGI/Changes#17 edit
Differences ...
==== //depot/perl/lib/CGI.pm#77 (text) ====
Index: perl/lib/CGI.pm
--- perl/lib/CGI.pm#76~33564~ 2008-03-25 08:27:06.000000000 -0700
+++ perl/lib/CGI.pm 2008-03-25 20:18:01.000000000 -0700
@@ -18,8 +18,8 @@
# The most recent version and complete docs are available at:
# http://stein.cshl.org/WWW/software/CGI/
-$CGI::revision = '$Id: CGI.pm,v 1.247 2008/03/14 14:29:36 lstein Exp $';
-$CGI::VERSION='3.34_01';
+$CGI::revision = '$Id: CGI.pm,v 1.249 2008/03/25 15:17:55 lstein Exp $';
+$CGI::VERSION='3.35';
# HARD-CODED LOCATION FOR FILE UPLOAD TEMPORARY FILES.
# UNCOMMENT THIS ONLY IF YOU KNOW WHAT YOU'RE DOING.
@@ -2569,6 +2569,7 @@
$size = $size || scalar(@values);
my(%selected) = $self->previous_or_default($name,$defaults,$override);
+
my($is_multiple) = $multiple ? qq/ multiple="multiple"/ : '';
my($has_size) = $size ? qq/ size="$size"/: '';
my($other) = @other ? " @other" : '';
@@ -3381,12 +3382,12 @@
my($param)= $header{'Content-Disposition'}=~/ name="([^"]*)"/;
$param .= $TAINTED;
- # Bug: Netscape doesn't escape quotation marks in file names!!!
- # See RFC 1867, 2183, 2045
- # NB: File content will be loaded into memory should
- # content-disposition parsing fail.
- my ($filename) = $header{'Content-Disposition'}=~/
filename=(("[^"]*")|([a-z\d!\#'\*\+,\.^_\`\{\}\|\~]*))/i;
- $filename =~ s/^"([^"]*)"$/$1/;
+ # See RFC 1867, 2183, 2045
+ # NB: File content will be loaded into memory should
+ # content-disposition parsing fail.
+ my ($filename) = $header{'Content-Disposition'}
+ =~/
filename=(("[^"]*")|([a-z\d!\#'\*\+,\.^_\`\{\}\|\~]*))/i;
+ $filename =~ s/^"([^"]*)"$/$1/;
# Test for Opera's multiple upload feature
my($multipart) = ( defined( $header{'Content-Type'} ) &&
$header{'Content-Type'} =~ /multipart\/mixed/ ) ?
==== //depot/perl/lib/CGI/Changes#17 (text) ====
Index: perl/lib/CGI/Changes
--- perl/lib/CGI/Changes#16~31170~ 2007-05-08 08:09:20.000000000 -0700
+++ perl/lib/CGI/Changes 2008-03-25 20:18:01.000000000 -0700
@@ -1,3 +1,27 @@
+ Version 3.35
+ 1. Resync with bleadperl, primarily fixing a bug in parsing semicolons in
uploaded filenames.
+
+ Version 3.34
+ 1. Handle Unicode %uXXXX escapes properly -- patch from [EMAIL PROTECTED]
+ 2. Fix url() method to not choke on path names that contain regex characters.
+
+ Version 3.33
+ 1. Remove uninit variable warning when calling url(-relative=>1)
+ 2. Fix uninit variable warnings for two lc calls
+ 3. Fixed failure of tempfile upload due to sprintf() taint failure in perl
5.10
+
+ Version 3.32
+ 1. Patch from Miguel Santinho to prevent sending premature headers under
mod_perl 2.0
+
+ Version 3.31
+ 1. Patch from Xavier Robin so that CGI::Carp issues a 500 Status code rather
than a 200 status code.
+ 2. Patch from Alexander Klink to select correct temporary directory in OSX
Leopard so that upload works.
+ 3. Possibly fixed "wrapped pack" error on 5.10 and higher.
+
+ Version 3.30
+ 1. Patch from Mike Barry to handle POSTDATA in the same way as PUT.
+ 2. Patch from Rafael Garcia-Suarez to correctly reencode unicode values as
byte values.
+
Version 3.29
1. The position of file handles is now reset to zero when CGI->new is called.
(Mark Stosberg)
End of Patch.
