aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@kodama.kitenet.net>2008-10-19 21:07:12 -0400
committerJoey Hess <joey@kodama.kitenet.net>2008-10-19 21:07:12 -0400
commit3e992b758b0d7e96f369372340b95d8ef4302aae (patch)
tree7f7447795fb8fc33e0db0afafa0e21cf725f726e
parentfd9393ef8575ad4a8966ae7f5310aab688dedf48 (diff)
downloadikiwiki-3e992b758b0d7e96f369372340b95d8ef4302aae.tar
ikiwiki-3e992b758b0d7e96f369372340b95d8ef4302aae.tar.gz
Fix issue with utf-8 in wikiname breaking session cookies, by entity-encoding the wikiname in the session cookie.
-rw-r--r--IkiWiki/CGI.pm4
-rw-r--r--debian/changelog2
-rw-r--r--doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn6
3 files changed, 10 insertions, 2 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index dac522eea..4399d0dcb 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -278,9 +278,9 @@ sub check_banned ($$) { #{{{
sub cgi_getsession ($) { #{{{
my $q=shift;
- eval q{use CGI::Session};
+ eval q{use CGI::Session; use HTML::Entities};
error($@) if $@;
- CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname}));
+ CGI::Session->name("ikiwiki_session_".encode_entities($config{wikiname}));
my $oldmask=umask(077);
my $session = eval {
diff --git a/debian/changelog b/debian/changelog
index 1f47f614e..352329f94 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -12,6 +12,8 @@ ikiwiki (2.68) UNRELEASED; urgency=low
* Plugins that used to override displaytime should instead override
formattime. displaytime will call that, and may wrap markup around the
formatted time.
+ * Fix issue with utf-8 in wikiname breaking session cookies, by
+ entity-encoding the wikiname in the session cookie.
-- Joey Hess <joeyh@debian.org> Fri, 17 Oct 2008 20:11:02 -0400
diff --git a/doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn b/doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn
index c272d4b4f..7c71ff0ff 100644
--- a/doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn
+++ b/doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn
@@ -5,4 +5,10 @@ Inspecting the cookie information (thanks to Iceweasel's webdeveloper add-on), I
Replacing "ยท" with "-" in `wikiname` fixed this login issue.
+> Hmm, Recai sent me a patch a long time ago to handle utf-8 here by encoding
+> the wikiname. But it doesn't seem to work, somehow the encoded utf-8
+> value still doesn't make it through. (CGI::Session seems to have underermined utf-8
+> issues too.) Seems like I will have to possibly break some sessions and
+> entity-encode the wikiname in the cookie.. done. --[[Joey]]
+
(BTW, such a char was replaced by -I don't remember what encoding thingie- in my setup file, when running `ikiwiki-transition setupformat`.)