diff options
| author | vs <vs@FreeBSD.org> | 2005-12-14 21:36:58 +0800 |
|---|---|---|
| committer | vs <vs@FreeBSD.org> | 2005-12-14 21:36:58 +0800 |
| commit | b14615a4341bd0a7ece2098f5506d8301c7ab550 (patch) | |
| tree | ccc0f51831c84a0bbc00ae9039514d55aa5b6d48 /www/p5-ldap-abook | |
| parent | 1aa0cf8888423050a05b37709017854a41d60932 (diff) | |
| download | freebsd-ports-gnome-b14615a4341bd0a7ece2098f5506d8301c7ab550.tar.gz freebsd-ports-gnome-b14615a4341bd0a7ece2098f5506d8301c7ab550.tar.zst freebsd-ports-gnome-b14615a4341bd0a7ece2098f5506d8301c7ab550.zip | |
- Patch cgi-script to use absolute URL without host:port in forms.
This fixes problems where the hostname instead of the original host-part
from the query will be used as target in forms (eg. in a FastCGI'd version).
If you are for example accessing the webserver through localhost over an
ssh-forwarded connection, the URLs would be rewritten to use the real hostname,
thus becoming unusable. Bump PORTREVISION.
- Do not require perl at build-time
- Pet portlint
Diffstat (limited to 'www/p5-ldap-abook')
| -rw-r--r-- | www/p5-ldap-abook/Makefile | 10 | ||||
| -rw-r--r-- | www/p5-ldap-abook/files/patch-cgi-bin_abook.cgi | 14 |
2 files changed, 20 insertions, 4 deletions
diff --git a/www/p5-ldap-abook/Makefile b/www/p5-ldap-abook/Makefile index 0ee3033540f4..633702d13972 100644 --- a/www/p5-ldap-abook/Makefile +++ b/www/p5-ldap-abook/Makefile @@ -7,6 +7,7 @@ PORTNAME= ldap-abook PORTVERSION= 1.00 +PORTREVISION= 1 CATEGORIES= www perl5 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} @@ -15,7 +16,7 @@ PKGNAMEPREFIX= p5- MAINTAINER= ports@FreeBSD.org COMMENT= Perl5 CGI script providing an LDAP addressbook web interface -FORBIDDEN= Arbitrary command execution vulnerability in CGI script +FORBIDDEN= "Arbitrary command execution vulnerability in CGI script" RUN_DEPENDS= ${SITE_PERL}/AddressBook.pm:${PORTSDIR}/net/p5-AddressBook \ ${SITE_PERL}/CGI.pm:${PORTSDIR}/www/p5-CGI.pm \ @@ -23,11 +24,12 @@ RUN_DEPENDS= ${SITE_PERL}/AddressBook.pm:${PORTSDIR}/net/p5-AddressBook \ ABOOK= ${PREFIX}/www/ldap-abook CONFIG= ${PREFIX}/etc/AddressBook.conf -USE_PERL5= yes +USE_REINPLACE= yes +USE_PERL5_RUN= yes NO_BUILD= yes post-patch: - @${PERL} -pi -e 's|(/etc/AddressBook.conf)|${PREFIX}$$1|g' \ + @${REINPLACE_CMD} -e 's|(/etc/AddressBook.conf)|${PREFIX}$$1|g' \ ${WRKSRC}/cgi-bin/abook.cgi do-install: @@ -38,7 +40,7 @@ do-install: ${INSTALL_DATA} ${ABOOK}/examples/default/AddressBook.conf \ ${CONFIG}-dist [ -f ${CONFIG} ] || \ - install -o root -g www -m 640 ${CONFIG}-dist ${CONFIG} + ${INSTALL} -o root -g www -m 640 ${CONFIG}-dist ${CONFIG} post-install: @${CAT} ${PKGMESSAGE} diff --git a/www/p5-ldap-abook/files/patch-cgi-bin_abook.cgi b/www/p5-ldap-abook/files/patch-cgi-bin_abook.cgi new file mode 100644 index 000000000000..5e8b7a90f9c5 --- /dev/null +++ b/www/p5-ldap-abook/files/patch-cgi-bin_abook.cgi @@ -0,0 +1,14 @@ + +$FreeBSD$ + +--- cgi-bin/abook.cgi.orig ++++ cgi-bin/abook.cgi +@@ -39,7 +39,7 @@ + + my $config_file='/usr/local/etc/AddressBook.conf'; + my $query = CGI::new(); +-my $myURL=$query->url; ++my $myURL=$query->url(-absolute=>1); + my $op = $query->param(op); + my $entry; + my $error_msg = ""; |