From 8e43bc0e0fef57a0770ef69e9aac845ed6078dfa Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Mon, 30 Jun 2008 20:01:10 -0400 Subject: [PATCH] Configure CGI.pm to disable file uploads by default. --- IkiWiki/CGI.pm | 7 ++++--- debian/changelog | 6 ++++++ 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm index 015c9ae01..43986789a 100644 --- a/IkiWiki/CGI.pm +++ b/IkiWiki/CGI.pm @@ -667,10 +667,11 @@ sub cgi (;$$) { #{{{ my $q=shift; my $session=shift; + eval q{use CGI}; + error($@) if $@; + $CGI::DISABLE_UPLOADS=1; + if (! $q) { - eval q{use CGI}; - error($@) if $@; - binmode(STDIN); $q=CGI->new; binmode(STDIN, ":utf8"); diff --git a/debian/changelog b/debian/changelog index 9153254b4..8e1ad074c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +ikiwiki (2.52) UNRELEASED; urgency=low + + * Configure CGI.pm to disable file uploads by default. + + -- Joey Hess Mon, 30 Jun 2008 19:56:28 -0400 + ikiwiki (2.51) unstable; urgency=low * Improve toplevel parentlink to link directly to index.html when usedirs is