david/ipxe
david/ipxe
Archived
1
0
Fork 0
Code
This repository has been archived on 2020-12-06. You can view files and clone it, but cannot push or open issues or pull requests.
e55ec845e6
ipxe/src
History
Michael Brown e55ec845e6 [uri] Apply URI decoding for all parsed URIs 
The various early-exit paths in parse_uri() accidentally bypass the
URI field decoding.  The result is that opaque or relative URIs do not
undergo URI field decoding, resulting in double-encoding when the URIs
are subsequently used.  For example:

  #!ipxe
  set mac ${macstring}
  imgfetch /boot/by-mac/${mac:uristring}

would result in an HTTP GET such as

  GET /boot/by-mac/00%253A0c%253A29%253Ac5%253A39%253Aa1 HTTP/1.1

rather than the expected

  GET /boot/by-mac/00%3A0c%3A29%3Ac5%3A39%3Aa1 HTTP/1.1

Fix by ensuring that URI decoding is always applied regardless of the
URI format.

Reported-by: Andrew Widdersheim <awiddersheim@inetu.net>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
2016-01-26 16:16:13 +00:00
..
arch [i386] Add check_bios_interrupts() debug function 2016-01-12 08:27:59 +00:00
bin Rename .cvsignore files to .gitignore 2007-06-09 22:57:00 +01:00
config [build] Add named configuration for public cloud environments 2016-01-18 08:37:27 +00:00
core [uri] Apply URI decoding for all parsed URIs 2016-01-26 16:16:13 +00:00
crypto [ocsp] Avoid including a double path separator in request URI 2016-01-21 17:50:34 +00:00
doc [build] Rename gPXE to iPXE 2010-04-19 23:43:39 +01:00
drivers [smsc95xx] Reserve headroom in received packets 2016-01-19 00:23:06 +00:00
hci [legal] Relicense files under GPL2_OR_LATER_OR_UBDL 2015-03-05 11:40:13 +00:00
image [efi] Add support for EFI_GRAPHICS_OUTPUT_PROTOCOL frame buffer consoles 2015-10-16 16:38:41 +01:00
include [usb] Allow USB endpoints to specify a reserved header length for refills 2016-01-19 00:01:11 +00:00
interface [usb] Allow USB endpoints to specify a reserved header length for refills 2016-01-19 00:01:11 +00:00
libgcc [build] Mark __intel_new_proc_init with __libgcc rather than cdecl 2009-08-03 15:56:10 +01:00
net [tftp] Mangle initial slash on TFTP URIs 2016-01-21 18:00:33 +00:00
tests [uri] Apply URI decoding for all parsed URIs 2016-01-26 16:16:13 +00:00
usr [autoboot] Fix incorrect boolean logic 2016-01-19 08:16:17 +00:00
util [efi] Add %.usb target for building EFI-bootable USB (or other) disk images 2015-12-07 13:08:22 +00:00
.gitignore [build] Add support for local configuration files 2010-03-26 19:07:22 +00:00
doxygen.cfg [build] Remove PACKED macro 2010-05-29 23:49:47 +01:00
Makefile [crypto] Support SHA-{224,384,512} in X.509 certificates 2015-08-02 16:54:24 +01:00
Makefile.housekeeping [debug] Allow debug colourisation to be disabled 2016-01-12 15:39:14 +00:00