authorJason A. Donenfeld2016-01-14 14:28:37 +0100
committerJason A. Donenfeld2016-01-14 14:28:37 +0100
commit513b3863d999f91b47d7e9f26710390db55f9463 (patch)
treef704af1ea3f8da9b3b2904fbe8ed8233278314c6 /ui-shared.c
parentui-shared: Avoid new line injection into redirect header (diff)
ui-shared: prevent malicious filename from injecting headers
Diffstat (limited to 'ui-shared.c')
-rw-r--r--ui-shared.c8
1 files changed, 5 insertions, 3 deletions
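--- a/ui-shared.c
+++ b/ui-shared.c
@@ -692,9 +692,11 @@ void cgit_print_http_headers(void)
 	htmlf("Content-Type: %s\n", ctx.page.mimetype);
 	if (ctx.page.size)
 		htmlf("Content-Length: %zd\n", ctx.page.size);
-	if (ctx.page.filename)
-		htmlf("Content-Disposition: inline; filename=\"%s\"\n",
-		      ctx.page.filename);
+	if (ctx.page.filename) {
+		html("Content-Disposition: inline; filename=\"");
+		html_header_arg_in_quotes(ctx.page.filename);
+		html("\"\n");
+	}
 	if (!ctx.env.authenticated)
 		html("Cache-Control: no-cache, no-store\n");
 	htmlf("Last-Modified: %s\n", http_date(ctx.page.modified));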
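Review bot: The protection against header injection now rests entirely on `html_header_arg_in_quotes(ctx.page.filename);`, whose body is not in this hunk, so the call site should record the contract it depends on rather than leaving it implicit. A one-line comment above the call, `/* filename is untrusted (see commit title); the helper must escape '"' and '\\' and must not emit CR or LF */`, makes the requirement visible to whoever next edits the helper. Since the quoted form of `filename=` carries no charset, a filename outside ISO-8859-1 may still be mangled by clients even when it is header-safe; that is a separate concern from the injection fix and worth a note if it matters. cgit_print_http_headers begins before line 692 and continues past line 702, so the enclosing function is not fully visible here.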