X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=cgi%2Fpkgreport.cgi;h=1ea9a17a314160b2c83314677852e8f5f6312235;hb=05f158937d8e18b9bec70594f465fc078ed3bc59;hp=3fc500b355114472122bee11d936a0f60203b51f;hpb=63490635cc6313930c44c86d2f3b53031c8c4d23;p=debbugs.git diff --git a/cgi/pkgreport.cgi b/cgi/pkgreport.cgi index 3fc500b..1ea9a17 100755 --- a/cgi/pkgreport.cgi +++ b/cgi/pkgreport.cgi @@ -13,6 +13,12 @@ use warnings; use strict; +# Sanitize environent for taint +BEGIN{ + delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; +} + +binmode(STDOUT,':encoding(UTF-8)'); use POSIX qw(strftime nice); use Debbugs::Config qw(:globals :text :config); @@ -54,6 +60,7 @@ our %param = cgi_parameters(query => $q, qw(bug-rev pend-rev sev-rev), qw(maxdays mindays version), qw(data which dist newest), + qw(noaffects), ], default => $default_params, ); @@ -77,7 +84,8 @@ if (exists $param{form_options} and defined $param{form_options}) { } for my $incexc (qw(include exclude)) { next unless exists $param{$incexc}; - $param{$incexc} = [grep /\S\:\S/, make_list($param{$incexc})]; + # normalize tag to tags + $param{$incexc} = [map {s/^tag:/tags:/; $_} grep /\S\:\S/, make_list($param{$incexc})]; } for my $key (keys %package_search_keys) { next unless exists $param{key}; @@ -93,6 +101,16 @@ if (exists $param{form_options} and defined $param{form_options}) { exit 0; } +# normalize innclude/exclude keys; currently this is in two locations, +# which is suboptimal. Closes: #567407 +for my $incexc (qw(include exclude)) { + next unless exists $param{$incexc}; + # normalize tag to tags + $param{$incexc} = [map {s/^tag:/tags:/; $_} make_list($param{$incexc})]; +} + + + # map from yes|no to 1|0 for my $key (qw(repeatmerged bug-rev pend-rev sev-rev)) { if (exists $param{$key}){ @@ -418,6 +436,7 @@ my $result = pkg_htmlizebugs(bugs => \@bugs, (exists $param{dist})?(dist => $param{dist}):(), ); +print "Cache-Control: public, max-age=300\n"; print "Content-Type: text/html; charset=utf-8\n\n"; print "\n";