View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000045aMuleMiscpublic2004-05-02 03:032004-05-20 13:08
ReporterBatman 
Assigned ToXaignar 
PrioritynormalSeverityminorReproducibilityalways
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version 
Summary0000045: Simple quote pb in URL (for fake check)
DescriptionThis file with a quote in its name generate a bad URL :
hash : a0f19f46dddbad04c7ca6da8b5e2debc
title : L'Evadé.D.'alcatraz.BivX.By.SENSATION.trouvé.sur.rave-zone.net.avi

It's better replacing all special chars. Actually, it's better keepping only the one we know being OK ! We keep only letters, numbers, and some chars as -_:/|%.

My CamuleApp::GenFakeCheckUrl() follows.
Source file is amule.cpp.
Additional Information// Generates an URL for checking if a file is "fake"
wxString CamuleApp::GenFakeCheckUrl(CAbstractFile *f)
{
        wxString strURL = "http://donkeyfakes.gambri.net/fakecheck/update/fakecheck.php?ed2k="; [^]
        wxString strED2kURL = CreateED2kLink( f );
        //printf ("Init URL : %s\n",strED2kURL.ToAscii());

        // Various symbols don't work in URLs... keep only the ones we know being OK
        for (int i=32 ; i <256 ; i++) {
                if ( ! (i=='-' || i=='_' || i=='.' || i=='|' || i=='%' || i==':' || i=='/' ||
                        (i>='a' && i<='z') || (i>='A' && i<='Z') || (i>='0' && i<='9')) ) {
                        char ascii_code[3];
                        memset(ascii_code,0,3);
                        sprintf(ascii_code,"%x",i);
                        //printf("Replace char %c with hex %s\n",(char)i,ascii_code);
                        strED2kURL.Replace(wxString((char)i),"%"+wxString(ascii_code));
                }
                //else printf("char %c not changed\n",(char)i);
        }

        //printf ("End URL : %s\n",strED2kURL.ToAscii());
        strURL += strED2kURL;
        return strURL;
}
TagsNo tags attached.
Fixed in Revision
Operating System
Attached Files

- Relationships

-  Notes
(0000058)
Xaignar (manager)
2004-05-20 12:41

The problem is that we use single quotes to escape the URL when executing the browser selected for fake-check:
        case 0: cmd = "konqueror '%s'"; break;
        case 1: cmd = "xterm -e sh -c 'mozilla %s'"; break;
        case 2: cmd = "firefox '%s'"; break;
        case 3: cmd = "firebird '%s'"; break;
        case 4: cmd = "opera '%s'"; break;
        case 5: cmd = "netscape '%s'"; break;
        case 6: cmd = "galeon '%s'"; break;
        case 7: cmd = "epiphany '%s'"; break;
        case 8: cmd = prefs->CustomBrowser; break;

Thus, we need to escape any quotes in the URL, both single and double to be safe. The rest of the escaping can be done with the wx function wxURL::ConvertToValidURI, which whill make our work quite a bit simpler. ;)
(0000059)
Xaignar (manager)
2004-05-20 13:08

The following has been tested and committed. Please note that you need to include <wx/url.h> if you wish to test it yourself. Also, note that I updated the fake-check URL. Cheers. ;)

wxString CamuleApp::GenFakeCheckUrl(CAbstractFile *f)
{
    wxString strURL = "http://donkeyfakes.gambri.net/index.php?action=search&ed2k="; [^]
    
    strURL = wxURL::ConvertToValidURI( strURL + CreateED2kLink( f ) );

    // The following cause problems, so we escape them
    strURL.Replace("\"", "%22");
    strURL.Replace("'", "%27");
    strURL.Replace("`", "%60");

    return strURL;
}

- Issue History
Date Modified Username Field Change
2004-05-02 03:03 Batman New Issue
2004-05-03 18:29 Xaignar Status new => assigned
2004-05-03 18:29 Xaignar Assigned To => Xaignar
2004-05-20 12:41 Xaignar Note Added: 0000058
2004-05-20 13:08 Xaignar Status assigned => resolved
2004-05-20 13:08 Xaignar Resolution open => fixed
2004-05-20 13:08 Xaignar Note Added: 0000059


Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker