diff options
author | Joey Hess <joey@kodama.kitenet.net> | 2008-10-19 21:07:12 -0400 |
---|---|---|
committer | Joey Hess <joey@kodama.kitenet.net> | 2008-10-19 21:07:12 -0400 |
commit | 3e992b758b0d7e96f369372340b95d8ef4302aae (patch) | |
tree | 7f7447795fb8fc33e0db0afafa0e21cf725f726e | |
parent | fd9393ef8575ad4a8966ae7f5310aab688dedf48 (diff) | |
download | ikiwiki-3e992b758b0d7e96f369372340b95d8ef4302aae.tar ikiwiki-3e992b758b0d7e96f369372340b95d8ef4302aae.tar.gz |
Fix issue with utf-8 in wikiname breaking session cookies, by entity-encoding the wikiname in the session cookie.
-rw-r--r-- | IkiWiki/CGI.pm | 4 | ||||
-rw-r--r-- | debian/changelog | 2 | ||||
-rw-r--r-- | doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn | 6 |
3 files changed, 10 insertions, 2 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index dac522eea..4399d0dcb 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -278,9 +278,9 @@ sub check_banned ($$) { #{{{ sub cgi_getsession ($) { #{{{ my $q=shift; - eval q{use CGI::Session}; + eval q{use CGI::Session; use HTML::Entities}; error($@) if $@; - CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname})); + CGI::Session->name("ikiwiki_session_".encode_entities($config{wikiname})); my $oldmask=umask(077); my $session = eval { diff --git a/debian/changelog b/debian/changelog index 1f47f614e..352329f94 100644 --- a/debian/changelog +++ b/debian/changelog @@ -12,6 +12,8 @@ ikiwiki (2.68) UNRELEASED; urgency=low * Plugins that used to override displaytime should instead override formattime. displaytime will call that, and may wrap markup around the formatted time. + * Fix issue with utf-8 in wikiname breaking session cookies, by + entity-encoding the wikiname in the session cookie. -- Joey Hess <joeyh@debian.org> Fri, 17 Oct 2008 20:11:02 -0400 diff --git a/doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn b/doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn index c272d4b4f..7c71ff0ff 100644 --- a/doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn +++ b/doc/bugs/unicode_chars_in_wikiname_break_auth.mdwn @@ -5,4 +5,10 @@ Inspecting the cookie information (thanks to Iceweasel's webdeveloper add-on), I Replacing "ยท" with "-" in `wikiname` fixed this login issue. +> Hmm, Recai sent me a patch a long time ago to handle utf-8 here by encoding +> the wikiname. But it doesn't seem to work, somehow the encoded utf-8 +> value still doesn't make it through. (CGI::Session seems to have underermined utf-8 +> issues too.) Seems like I will have to possibly break some sessions and +> entity-encode the wikiname in the cookie.. done. --[[Joey]] + (BTW, such a char was replaced by -I don't remember what encoding thingie- in my setup file, when running `ikiwiki-transition setupformat`.) |