fu: Close-up of Fu, bringing a scoop of water to her mouth (Default)
fu ([personal profile] fu) wrote in [site community profile] changelog2012-01-23 12:04 am
  • Add Memory
  • Share This Entry

[dw-free] http://bugs.dwscoalition.org/show_bug.cgi?id=4185

[commit: http://hg.dwscoalition.org/dw-free/rev/78a0be4f6baa]

http://bugs.dwscoalition.org/show_bug.cgi?id=4185

Strip the auth whether the page linked to is see_request.bml, or
see_request.

Patch by [personal profile] kareila.

Files modified:
  • cgi-bin/LJ/CleanHTML.pm
  • cgi-bin/LJ/Support.pm
  • cgi-bin/LJ/TextUtil.pm
--------------------------------------------------------------------------------
diff -r 3c75a7d7814b -r 78a0be4f6baa cgi-bin/LJ/CleanHTML.pm
--- a/cgi-bin/LJ/CleanHTML.pm	Mon Jan 23 07:53:50 2012 +0800
+++ b/cgi-bin/LJ/CleanHTML.pm	Mon Jan 23 08:05:33 2012 +0800
@@ -114,8 +114,8 @@
     # anything to it if $$data contains only invalid content
     my $newdata = '';
 
-    # remove the auth portion of any see_request.bml links
-    $$data =~ s/(see_request\.bml\S+?)auth=\w+/$1/ig;
+    # remove the auth portion of any see_request links
+    $$data = LJ::strip_request_auth( $$data );
 
     my $p = HTML::TokeParser->new($data);
 
diff -r 3c75a7d7814b -r 78a0be4f6baa cgi-bin/LJ/Support.pm
--- a/cgi-bin/LJ/Support.pm	Mon Jan 23 07:53:50 2012 +0800
+++ b/cgi-bin/LJ/Support.pm	Mon Jan 23 08:05:33 2012 +0800
@@ -591,8 +591,8 @@
     my $reqsubject = LJ::trim($o->{'subject'});
     my $reqbody = LJ::trim($o->{'body'});
 
-    # remove the auth portion of any see_request.bml links
-    $reqbody =~ s/(see_request\.bml.+?)\&auth=\w+/$1/ig;
+    # remove the auth portion of any see_request links
+    $reqbody = LJ::strip_request_auth( $reqbody );
 
     unless ($reqsubject) {
         push @$errors, LJ::Lang::ml( "error.support.nosummary" );
diff -r 3c75a7d7814b -r 78a0be4f6baa cgi-bin/LJ/TextUtil.pm
--- a/cgi-bin/LJ/TextUtil.pm	Mon Jan 23 07:53:50 2012 +0800
+++ b/cgi-bin/LJ/TextUtil.pm	Mon Jan 23 08:05:33 2012 +0800
@@ -34,6 +34,16 @@
     return $a;
 }
 
+# check argument text for see_request links, and strip any auth args
+
+sub strip_request_auth {
+    my $a = $_[0];
+    return '' unless defined $a;
+
+    $a =~ s/(see_request\S+?)\&auth=\w+/$1/ig;
+    return $a;
+}
+
 # <LJFUNC>
 # name: LJ::get_urls
 # class: text
--------------------------------------------------------------------------------
  • Add Memory
  • Share This Entry
(3 comments)

Post a comment in response:

This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting

If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.