From patchwork Mon Jun 17 11:12:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 7881 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4W2nKs62TSz3wnw for ; Mon, 17 Jun 2024 11:12:49 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4W2nKn0TGcz224; Mon, 17 Jun 2024 11:12:45 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4W2nKm3ZfZz33Cf; Mon, 17 Jun 2024 11:12:44 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4W2nKk1vBWz2xRp for ; Mon, 17 Jun 2024 11:12:42 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4W2nKh6yhzz1X1; Mon, 17 Jun 2024 11:12:40 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1718622761; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=/K0SqsUwXqHffiyVAeVnI7Hwx01J6C1DVcp7Ny+juog=; b=m696lUdbuD2ayzgYr3dqrsu2I+Ri8h6RMvhTmDfosVpOjx6GM6REkJL3wFLWUn+8zMXJ0o CELDfwyi/dCKBoAA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1718622761; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=/K0SqsUwXqHffiyVAeVnI7Hwx01J6C1DVcp7Ny+juog=; b=EVQcUMDQnWTyMUmvdLx8xpWrQcc8GP+/CgOlAcLZwl6oFuJtjRndRDM32mdOCj9+VzZf8k Dz6ktmaJTHsg4wrBXe0O4gRr9BAWnDJPGEJjiNdZ590JBAIWsWymnt5TE6y+Z1jVc0mniJ 4/SoTgHfHFukoSAEPukZWltB76P+E6LvG0l5bwDXfyWi7hwav+Nqb5I27b/Y931CIym4jk 4k+Bv8JP90tu+mk3Qf/WHYWXIza+19Lv5VCdv8WmhGX6QfmSv6Vzbj0s635lNbtxDKmVM7 thduHJe69OspiwT5fHntCUPj6gyPrjP2vVIBw97f3o0BxcXsIBGr2t7CTgI6Ng== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH 1/2] header.pl: Add utf-8 handling into cleanhtml command Date: Mon, 17 Jun 2024 13:12:35 +0200 Message-ID: <20240617111236.2926-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: ZPEXYAAXJPI4G3CC6KPYKDBIY5WJL5TL X-Message-ID-Hash: ZPEXYAAXJPI4G3CC6KPYKDBIY5WJL5TL X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - existing cleanhtml command does not handle diacritical charcters such as umlauts, acute, grave and circumflex accents. - In bug 12395 the problem was resolved by adding decode before and encode after the cleanhtml command in dns.cgi - Suggestion from @Michael Tremer was to add the decode and encode sections into the actual cleanhtml subroutine in header.pl - This patch submission is the execution of that suggestion. - This will ensure that whenever cleanhtml is used for any remark in a WUI page it will handle diacritical charcters. - Tested out on my vm testbed system and confirmed to be working when cleanhtml has the encode and decode lines. - Combined with this patch is another one that changes the dns.cgi to remove the decode and encode entries added into the cgi code. Suggested-by: Michael Tremer Tested-by: Adolf Belka Signed-off-by: Adolf Belka --- config/cfgroot/header.pl | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/config/cfgroot/header.pl b/config/cfgroot/header.pl index a67ff92ee..66b49e411 100644 --- a/config/cfgroot/header.pl +++ b/config/cfgroot/header.pl @@ -16,6 +16,7 @@ use File::Basename; use HTML::Entities(); use Socket; use Time::Local; +use Encode; our %color = (); &General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color); @@ -365,8 +366,13 @@ sub escape($) { sub cleanhtml { my $outstring =$_[0]; $outstring =~ tr/,/ / if not defined $_[1] or $_[1] ne 'y'; - - return escape($outstring); + # decode the UTF-8 text so that characters with diacritical marks such as + # umlauts are treated correctly by the escape command + $outstring = &Encode::decode("UTF-8",$outstring); + escape($outstring); + # encode the text back to UTF-8 after running the escape command + $outstring = &Encode::encode("UTF-8",$outstring); + return $outstring; } sub connectionstatus From patchwork Mon Jun 17 11:12:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 7882 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4W2nKt6fdQz3wnw for ; Mon, 17 Jun 2024 11:12:50 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4W2nKn5NcPz4X5; Mon, 17 Jun 2024 11:12:45 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4W2nKm5DhVz33Fc; Mon, 17 Jun 2024 11:12:44 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4W2nKk2Jjvz2xRp for ; Mon, 17 Jun 2024 11:12:42 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4W2nKj68wmz1Yf; Mon, 17 Jun 2024 11:12:41 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1718622761; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=J9YaUN5rohbRK5OzwYINiC1bhFGchRlajrDbVsdezr8=; b=MRSGTVq+QTOhiwUb9Vle28aEpXbmTxAgU9z62jzUuaK8zWKsD8ymVwkS71NLgSeBoRBabB Cp+rPoy7TyugfeBA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1718622761; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=J9YaUN5rohbRK5OzwYINiC1bhFGchRlajrDbVsdezr8=; b=JJm+k/SLjonCJktHkQbg8+8gsD9O6pD7S/sp3CSDEsW0U1O64CzfUHtsgq1ZDHzyonIQg5 cNEh/gw4IfvFqrBiCbAh8CREYefUFcjUkX92tETeF93tQvIbjX/IamxltnaE3a6XQM3jBn XqJG/XJoeDW8H8u9Ohx0fLgRHIpfbYhNV4RA8vkro30/r8tDc/ZE9QXlm3wUZ3F7J1zUFe QLPHVTfDW2KpuMRlR53jDmPVP1DkZRJM1ppKVd7zZmcP8wL7WIhC8X/IPWnSi4/lWDa8MW x1OC73m17M/H7AoDD8+Z8680xwR5MZOQxRHVR+KO2tWFGpGBPiz8gQ3YHug3XA== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH 2/2] dns.cgi: Remove the decode and encode lines as now integrated in header.pl Date: Mon, 17 Jun 2024 13:12:36 +0200 Message-ID: <20240617111236.2926-2-adolf.belka@ipfire.org> In-Reply-To: <20240617111236.2926-1-adolf.belka@ipfire.org> References: <20240617111236.2926-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: 4RXKYQWU26GEYT2TEHGX3O6JSSFEOU2S X-Message-ID-Hash: 4RXKYQWU26GEYT2TEHGX3O6JSSFEOU2S X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - decode and encode lines have now been integrated into the cleanhtml subroutine in header.pl so that all uses of cleanhtml will be able to handle diacritical characters Tested-by: Adolf Belka Signed-off-by: Adolf Belka --- html/cgi-bin/dns.cgi | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/html/cgi-bin/dns.cgi b/html/cgi-bin/dns.cgi index 1181523d4..0d3b14797 100644 --- a/html/cgi-bin/dns.cgi +++ b/html/cgi-bin/dns.cgi @@ -21,7 +21,6 @@ use strict; use IO::Socket; -use Encode; # enable only the following on debugging purpose #use warnings; @@ -143,18 +142,8 @@ if (($cgiparams{'SERVERS'} eq $Lang::tr{'save'}) || ($cgiparams{'SERVERS'} eq $L # Go further if there was no error. if ( ! $errormessage) { # Check if a remark has been entered. - - # decode the UTF-8 text so that characters with diacritical marks such as - # umlauts are treated correctly by the following cleanhtml command - $cgiparams{'REMARK'} = decode("UTF-8", $cgiparams{'REMARK'}); - - # run the REMARK text through cleanhtml to ensure all unsafe html characters - # are correctly encoded to their html entities $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'}); - # encode the text back to UTF-8 after running the cleanhtml command - $cgiparams{'REMARK'} = encode("UTF-8", $cgiparams{'REMARK'}); - my %dns_servers = (); my $id; my $status;