[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: serious form submission bug: !CURRENT_URL!
Katsumi Yamaoka <yamaoka@jpl.org>:
>> http://lists.em.ca/!CURRENT_URL!?submit=Search+vmailmgr&terms=frontmail&list=vmailmgr&command=search
>
> I don't know how to fix it so far, sorry. However, I found the
> string "!CURRENT_URL!" in the w3m (not emacs-w3m) source files.
> Dones anyone know what is it?
it seems to be an indicator of some sort, which is later removed from
the URI as parsing goes along. grepping for it lists:
file.c- char *p, *q, *r, *s, *tg, *n;
file.c- char cs = 0;
file.c-
file.c- p = "get";
file.c- parsedtag_get_value(tag, ATTR_METHOD, &p);
file.c: q = "!CURRENT_URL!";
file.c- parsedtag_get_value(tag, ATTR_ACTION, &q);
file.c- r = NULL;
file.c-#ifdef JP_CHARSET
--
file.c- case HTML_N_TEXTAREA:
file.c- close_textarea(h_env);
file.c- return 1;
file.c- case HTML_ISINDEX:
file.c- p = "";
file.c: q = "!CURRENT_URL!";
file.c- parsedtag_get_value(tag, ATTR_PROMPT, &p);
file.c- parsedtag_get_value(tag, ATTR_ACTION, &q);
file.c- tmp = Strnew_m_charp("<form method=get action=\"",
--
main.c- multipart = (fi->parent->method == FORM_METHOD_POST &&
main.c- fi->parent->enctype == FORM_ENCTYPE_MULTIPART);
main.c- query_from_followform(&tmp, fi, multipart);
main.c-
main.c- tmp2 = Strdup(fi->parent->action);
main.c: if (!Strcmp_charp(tmp2, "!CURRENT_URL!")) {
main.c- /* It means "current URL" */
main.c- tmp2 = parsedURL2Str(&Currentbuf->currentURL);
main.c- if ((p = strchr(tmp2->ptr, '?')) != NULL)
it is funny, though, that w3m undoes the "markup" correctly, whereas
emacs-w3m doesn't. could it be that emacs-w3m does something to the
URI presented to w3m? it might be reveiling if people collected forms
where it works and some where it doesn't.
clemens