diff options
| author | link <link@localhost> | 2005-02-05 21:02:14 +0000 |
|---|---|---|
| committer | link <link@localhost> | 2005-02-05 21:02:14 +0000 |
| commit | 6b7280f43f39492e2f436c7b897ee9c3aa4fc39b (patch) | |
| tree | 1a477dfbbcb8e220353ca4cd939152a480873035 | |
| parent | b011caa3098a0ae5a8496cf739c82047d213ae3d (diff) | |
| download | markup-validator-6b7280f43f39492e2f436c7b897ee9c3aa4fc39b.zip markup-validator-6b7280f43f39492e2f436c7b897ee9c3aa4fc39b.tar.gz markup-validator-6b7280f43f39492e2f436c7b897ee9c3aa4fc39b.tar.bz2 | |
First cut at limiting recursion; cf. Bug #204.
| -rw-r--r-- | htdocs/config/validator.conf | 8 | ||||
| -rwxr-xr-x | httpd/cgi-bin/check | 32 | ||||
| -rw-r--r-- | share/templates/en_US/header.tmpl | 1 |
3 files changed, 38 insertions, 3 deletions
diff --git a/htdocs/config/validator.conf b/htdocs/config/validator.conf index ac83440..44580d7 100644 --- a/htdocs/config/validator.conf +++ b/htdocs/config/validator.conf @@ -1,7 +1,7 @@ # # Main Configuration File for the W3C Markup Validation Service. # -# $Id: validator.conf,v 1.21 2005-02-04 18:40:59 link Exp $ +# $Id: validator.conf,v 1.22 2005-02-05 21:02:14 link Exp $ # # See 'perldoc Config::General' for the syntax, and be aware that the # 'SplitPolicy' is 'equalsign', ie. keys and values are separated by '\s*=\s*', @@ -55,6 +55,12 @@ Allow Private IPs = no Enable SOAP = no # +# Whether the validator will check its own output. +# 0 means it will refuse to check its own output, 1 means it will but it will +# refuse to check the results of it checking itself. Etc. +Max Recursion = 0 + +# # Protocols the validator is allowed to use for retrieving documents. # The default is to allow http and https. <Protocols> diff --git a/httpd/cgi-bin/check b/httpd/cgi-bin/check index 13fc606..8e23128 100755 --- a/httpd/cgi-bin/check +++ b/httpd/cgi-bin/check @@ -9,7 +9,7 @@ # This source code is available under the license at: # http://www.w3.org/Consortium/Legal/copyright-software # -# $Id: check,v 1.391 2005-02-05 04:20:57 link Exp $ +# $Id: check,v 1.392 2005-02-05 21:02:14 link Exp $ # # Disable buffering on STDOUT! @@ -239,7 +239,7 @@ Directory not readable (permission denied): @_r # # Strings - $VERSION = q$Revision: 1.391 $; + $VERSION = q$Revision: 1.392 $; $VERSION =~ s/Revision: ([\d\.]+) /$1/; # @@ -1320,6 +1320,10 @@ sub handle_uri { return $File; } + # + # Enforce Max Recursion level. + &check_recursion($File, $res); + my($mode, $ct, $charset) = &parse_content_type( $File, @@ -1478,6 +1482,30 @@ sub parse_content_type { return $mode, $ct, $charset; } +# +# Check recursion level and enforce Max Recursion limit. +sub check_recursion ($$) { + my $File = shift; + my $res = shift; + + # Not looking at our own output. + return unless defined $res->header('X-W3C-Validator-Recursion'); + + my $lvl = $res->header('X-W3C-Validator-Recursion'); + &add_warning($File, 'debug', 'Old Recursion Depth', $lvl); + return unless $lvl =~ m(^\d+$); # Non-digit, i.e. garbage, ignore. + + if ($lvl >= $CFG->{'Max Recursion'}) { + &add_warning($File, 'debug', 'Recursion Depth Limit Exceeded', + qq(Recursion depth "$lvl" exceedes limit "$CFG->{'Max Recursion'}")); + print redirect $CFG->{'Home Page'}; + } else { + $T->param(depth => $lvl++); # Increase recursion level in output. + &add_warning($File, 'debug', 'New Recursion Depth', $lvl); + } +} + + # # Normalize newline forms (CRLF/CR/LF) to native newline. diff --git a/share/templates/en_US/header.tmpl b/share/templates/en_US/header.tmpl index 816269f..96b9b62 100644 --- a/share/templates/en_US/header.tmpl +++ b/share/templates/en_US/header.tmpl @@ -1,5 +1,6 @@ Content-Language: en Content-Type: text/html; charset=utf-8 +X-W3C-Validator-Recursion: <TMPL_IF NAME="depth"><TMPL_VAR NAME="depth"><TMPL_ELSE>1</TMPL_IF> <?xml version="1.0"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" |