Fix issue with utf-8 in wikiname breaking session cookies, by entity-encoding the wikiname in the session cookie.

master
Joey Hess 2008-10-19 21:07:12 -04:00
parent fd9393ef85
commit 3e992b758b
3 changed files with 10 additions and 2 deletions

View File

@ -278,9 +278,9 @@ sub check_banned ($$) { #{{{
sub cgi_getsession ($) { #{{{
my $q=shift;
eval q{use CGI::Session};
eval q{use CGI::Session; use HTML::Entities};
error($@) if $@;
CGI::Session->name("ikiwiki_session_".encode_utf8($config{wikiname}));
CGI::Session->name("ikiwiki_session_".encode_entities($config{wikiname}));
my $oldmask=umask(077);
my $session = eval {

2
debian/changelog vendored
View File

@ -12,6 +12,8 @@ ikiwiki (2.68) UNRELEASED; urgency=low
* Plugins that used to override displaytime should instead override
formattime. displaytime will call that, and may wrap markup around the
formatted time.
* Fix issue with utf-8 in wikiname breaking session cookies, by
entity-encoding the wikiname in the session cookie.
-- Joey Hess <joeyh@debian.org> Fri, 17 Oct 2008 20:11:02 -0400

View File

@ -5,4 +5,10 @@ Inspecting the cookie information (thanks to Iceweasel's webdeveloper add-on), I
Replacing "·" with "-" in `wikiname` fixed this login issue.
> Hmm, Recai sent me a patch a long time ago to handle utf-8 here by encoding
> the wikiname. But it doesn't seem to work, somehow the encoded utf-8
> value still doesn't make it through. (CGI::Session seems to have underermined utf-8
> issues too.) Seems like I will have to possibly break some sessions and
> entity-encode the wikiname in the cookie.. done. --[[Joey]]
(BTW, such a char was replaced by -I don't remember what encoding thingie- in my setup file, when running `ikiwiki-transition setupformat`.)