From: konn Date: Fri, 19 Sep 2008 14:14:06 +0000 (+0000) Subject: * Bug with wrong treatment of QUERY_STRING when POST is done to another site. X-Git-Url: http://git.osdn.net/view?a=commitdiff_plain;h=300a5d2e707b55cbd4bf12c62c6b716f2a2195e8;p=modchxj%2Fmod_chxj.git * Bug with wrong treatment of QUERY_STRING when POST is done to another site. git-svn-id: svn+ssh://svn.sourceforge.jp/svnroot/modchxj/mod_chxj/branches/RELEASE_0_11_0@3193 1a406e8e-add9-4483-a2c8-d8cac5b7c224
---
diff --git a/include/chxj_tag_util.h b/include/chxj_tag_util.h
index 4c5d5353..457cd43e 100644
--- a/include/chxj_tag_util.h
+++ b/include/chxj_tag_util.h
@@ -97,7 +97,7 @@ extern char* qs_get_parse_attr( Node* tag, request_rec* r); -extern char * chxj_form_action_to_hidden_tag(apr_pool_t *pool, const char *str, int xmlFlag, int post_flag); +extern char * chxj_form_action_to_hidden_tag(request_rec *r, apr_pool_t *pool, const char *str, int xmlFlag, int post_flag); #endif /* * vim:ts=2 et
diff --git a/src/chxj_chtml10.c b/src/chxj_chtml10.c
index 539c5b4b..5482b65d 100644
--- a/src/chxj_chtml10.c
+++ b/src/chxj_chtml10.c
@@ -1879,8 +1879,10 @@ s_chtml10_start_form_tag(void *pdoc, Node *node)
 char *q;
 q = strchr(attr_value, '?');
 if (q) {
- new_hidden_tag = chxj_form_action_to_hidden_tag(doc->pool, attr_value, 0, post_flag);
- *q = 0;
+ new_hidden_tag = chxj_form_action_to_hidden_tag(r, doc->pool, attr_value, 0, post_flag);
+ if (new_hidden_tag) {
+ *q = 0;
+ }
 }
 W10_L(" action=\"");
 W10_V(attr_value);
diff --git a/src/chxj_chtml20.c b/src/chxj_chtml20.c
index c6a3aa1d..33fb29c4 100644
--- a/src/chxj_chtml20.c
+++ b/src/chxj_chtml20.c
@@ -1488,8 +1488,10 @@ s_chtml20_start_form_tag(void *pdoc, Node *node)
 char *q;
 q = strchr(attr_action, '?');
 if (q) {
- new_hidden_tag = chxj_form_action_to_hidden_tag(doc->pool, attr_action, 0, post_flag);
- *q = 0;
+ new_hidden_tag = chxj_form_action_to_hidden_tag(r, doc->pool, attr_action, 0, post_flag);
+ if (new_hidden_tag) {
+ *q = 0;
+ }
 }
 W_L(" action=\"");
 W_V(attr_action);
diff --git a/src/chxj_chtml30.c b/src/chxj_chtml30.c
index c11355d6..1880faca 100644
--- a/src/chxj_chtml30.c
+++ b/src/chxj_chtml30.c
@@ -1395,8 +1395,10 @@ s_chtml30_start_form_tag(void *pdoc, Node *node)
 char *q;
 q = strchr(attr_action, '?');
 if (q) {
- new_hidden_tag = chxj_form_action_to_hidden_tag(doc->pool, attr_action, 0, post_flag);
- *q = 0;
+ new_hidden_tag = chxj_form_action_to_hidden_tag(r, doc->pool, attr_action, 0, post_flag);
+ if (new_hidden_tag) {
+ *q = 0;
+ }
 }
 W_L(" action=\"");
 W_V(attr_action);
diff --git a/src/chxj_jhtml.c b/src/chxj_jhtml.c
index c9c5fc41..33d15248 100644
--- a/src/chxj_jhtml.c
+++ b/src/chxj_jhtml.c
@@ -1384,8 +1384,10 @@ s_jhtml_start_form_tag(void *pdoc, Node *node)
 char *q;
 q = strchr(attr_action, '?');
 if (q) {
- new_hidden_tag = chxj_form_action_to_hidden_tag(doc->pool, attr_action, 0, post_flag);
- *q = 0;
+ new_hidden_tag = chxj_form_action_to_hidden_tag(r, doc->pool, attr_action, 0, post_flag);
+ if (new_hidden_tag) {
+ *q = 0;
+ }
 }
 W_L(" action=\"");
 W_V(attr_action);
diff --git a/src/chxj_tag_util.c b/src/chxj_tag_util.c
index 959c9569..b95eb6c1 100644
--- a/src/chxj_tag_util.c
+++ b/src/chxj_tag_util.c
@@ -16,6 +16,7 @@ */ #include "chxj_tag_util.h" #include "chxj_url_encode.h" +#include "chxj_str_util.h" /** * The value of the VALUE attribute that the object tag node maintains is
@@ -603,11 +604,19 @@ qs_get_parse_attr(Doc* doc, Node* tag, request_rec* r) char * -chxj_form_action_to_hidden_tag(apr_pool_t *pool, const char *str, int xmlFlag, int post) +chxj_form_action_to_hidden_tag(request_rec *r, apr_pool_t *pool, const char *str, int xmlFlag, int post) { char *s = apr_pstrdup(pool, str); + if (!s) return NULL; + if (chxj_starts_with(s, "http://") || chxj_starts_with(s, "https://")) { + apr_uri_t url; + apr_uri_parse(pool, s, &url); + if (url.hostname && strcasecmp(url.hostname, r->hostname) != 0) { + return NULL; + } + } s = strchr(s, '?'); - if (!s) return (char *)str; + if (!s) return NULL; s++; char *result = NULL;
diff --git a/src/chxj_xhtml_mobile_1_0.c b/src/chxj_xhtml_mobile_1_0.c
index 5f153641..d3222c07 100644
--- a/src/chxj_xhtml_mobile_1_0.c
+++ b/src/chxj_xhtml_mobile_1_0.c
@@ -1281,8 +1281,10 @@ s_xhtml_1_0_start_form_tag(void *pdoc, Node *node)
 char *q;
 q = strchr(attr_action, '?');
 if (q) {
- new_hidden_tag = chxj_form_action_to_hidden_tag(doc->pool, attr_action, 1, post_flag);
- *q = 0;
+ new_hidden_tag = chxj_form_action_to_hidden_tag(r, doc->pool, attr_action, 1, post_flag);
+ if (new_hidden_tag) {
+ *q = 0;
+ }
 }
 W_L(" action=\"");
 W_V(attr_action);
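Review bot: In the new host check in `chxj_form_action_to_hidden_tag` (src/chxj_tag_util.c), `r->hostname` is handed to `strcasecmp` without a NULL test, and the return value of `apr_uri_parse` is ignored. Apache leaves `r->hostname` NULL when a request arrives without a Host header, so such a request rendering a form with an absolute action would dereference NULL, and a failed parse leaves `url` unreliable. I would fail closed on both: `if (apr_uri_parse(pool, s, &url) != APR_SUCCESS) return NULL;` and `if (url.hostname && (!r->hostname || strcasecmp(url.hostname, r->hostname) != 0)) return NULL;`. The prefix test also appears to skip scheme-relative actions such as `//host/path?x=1` and, if `chxj_starts_with` is case-sensitive, an upper-case `HTTP://`; that helper is not visible here, so this needs confirming. The function body continues past the end of the hunk.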