Fcalva/chibi-scheme
1
0
Fork 0
mirror of https://github.com/ashinn/chibi-scheme.git synced 2025-05-21 14:49:18 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Using safe-setenv for env parameters set in cgi requests.

Browse source
This commit is contained in:
Alex Shinn 2014-09-26 20:26:07 +09:00
parent 5dbd1c9610
commit 2f55732dbf
1 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
lib/chibi/net/http-server.scm
View file

@ -215,12 +215,12 @@
(duplicate-file-descriptor-to
(port-fileno (request-in request)) 0)
(duplicate-file-descriptor-to (port-fileno out) 1)
(setenv "HTTP_HOST" (request-host request))
(setenv "REQUEST_URI" (uri->string (request-uri request)))
(setenv "REQUEST_METHOD"
(symbol->string (request-method request)))
(setenv "QUERY_STRING"
(or (uri-query (request-uri request)) ""))
(safe-setenv "HTTP_HOST" (request-host request))
(safe-setenv "REQUEST_URI" (uri->string (request-uri request)))
(safe-setenv "REQUEST_METHOD"
(symbol->string (request-method request)))
(safe-setenv "QUERY_STRING"
(or (uri-query (request-uri request)) ""))
(let ((res (execute local-path (list local-path))))
(display "failed to execute program: " (current-error-port))
(write local-path (current-error-port))