1 2 24 25 package org.enhydra.servlet.servlets; 26 27 import java.io.File ; 28 import java.io.IOException ; 29 30 import javax.servlet.ServletContext ; 31 import javax.servlet.ServletException ; 32 import javax.servlet.http.HttpServlet ; 33 import javax.servlet.http.HttpServletRequest ; 34 import javax.servlet.http.HttpServletResponse ; 35 36 37 48 public class CGIServlet extends HttpServlet { 49 50 58 public void service(HttpServletRequest request, 59 HttpServletResponse response) 60 throws ServletException , IOException { 61 62 String strBuffer, progName, scriptPath, scriptName, pathInfo; 65 int pathLength, sp, sp2; 66 String servletPath = request.getServletPath(); 67 68 if (servletPath.equals("")) { 69 progName = request.getPathTranslated(); 71 pathLength = servletPath.length(); 72 strBuffer = request.getRequestURI().substring(pathLength); 73 sp = progName.indexOf(strBuffer); 74 int nextSlash = 0; 75 while (sp == -1 && nextSlash != -1) { 76 77 nextSlash = strBuffer.indexOf(File.separator, 1); 78 if (nextSlash != -1){ 79 strBuffer = strBuffer.substring(nextSlash); 80 sp = progName.indexOf(strBuffer); 81 } 82 } 83 84 scriptPath = progName; 85 sp2 = 0; 86 while (sp2 < progName.length()) { 87 sp2 = progName.indexOf(File.separator, sp); 88 scriptPath = progName.substring(0, sp2==-1?progName.length():sp2); 89 if (!scriptPath.equals("")){ 90 File file = new File (scriptPath); 91 if (!file.isDirectory()) { 92 break; 93 } 94 } 95 sp = sp2 + 1; 96 } 97 98 pathInfo = progName.substring(scriptPath.length()); 99 scriptName = scriptPath.substring(scriptPath.lastIndexOf(File.separator) + 1); 100 } else { 101 ServletContext context = getServletContext(); 103 String realPath = context.getRealPath(""); 104 if (!realPath.endsWith(File.separator)) { 105 realPath = realPath + File.separator; 106 } 107 if (servletPath.startsWith(File.separator)) { 108 servletPath = servletPath.substring(1); 109 } 110 scriptPath = realPath + servletPath; 111 scriptName = scriptPath.substring(scriptPath.lastIndexOf(File.separator) + 1); 112 pathInfo = request.getPathInfo(); 113 } 114 115 if (!isAuthorized(scriptPath)) { 117 response.sendError(response.SC_NOT_FOUND); 118 return; 119 } 120 121 122 CgiProcessor cgi = new CgiProcessor(); 123 try { 124 cgi.processCgiRequest(request, response, scriptPath, pathInfo, scriptName); 125 } catch (IOException e) { 126 cgi.cgiError(response); 127 System.err.println("ERROR: CGI: " + e); 128 } 129 } 130 131 132 133 140 private boolean isAuthorized(String path) { 141 if ((path != null) && (path.indexOf("..") != -1)) 142 return false; 143 return true; 144 } 145 146 147 148 149 150 } 151 152 | Popular Tags |