Changeset 18379 for gsdl/trunk

Show
Ignore:
Timestamp:
14.01.2009 13:47:04 (11 years ago)
Author:
ak19
Message:

Base64 encoding subroutine now replaces the plus and forward slash symbols that it may generate with the minus and underscore chars, respectively, in order to ensure that it doesn't generate unsafe filenames. Base64 decoding subroutine has been correspondingly modified.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • gsdl/trunk/perllib/unicode.pm

    r18342 r18379  
    607607sub url_to_filename { 
    608608    my ($text) =@_; 
    609     $text =~ s/%25/%/g if is_url_encoded($text); 
     609    $text =~ s/%25/%/g if &is_url_encoded($text); 
    610610    return $text; 
    611611} 
     
    632632sub base64_encode { 
    633633    my ($text) = @_; 
    634     if(!is_safe_filename_chars($text)) {  #if(!&is_base64_or_alphanumeric($text)) { # a subset 
     634    if(!&conforms_to_mod_base64($text)) { 
    635635    $text = &MIME::Base64::encode_base64($text); 
     636    # base64 encoding may introduce + and / signs, 
     637    # replacing them with - and _ to ensure it's filename-safe 
     638    $text =~ s/\+/\-/g; # + -> - 
     639    $text =~ s/\//\_/g; # / -> _ 
    636640    } 
    637641    return $text; 
    638642} 
    639643 
     644# If the input fits the modified base64 pattern, this will try decoding it.  
     645# Still, this method does not guarantee the return value is the 'original', only 
     646# that the result is where the base64 decoding process has been applied once. 
     647# THIS METHOD IS NOT USED at the moment. It's here for convenience and symmetry. 
    640648sub base64_decode { 
    641649    my ($text) = @_; 
    642     # If the input fits the base64 pattern, this will try decoding it. 
    643     # Still, this does not guarantee the return value is the 'original' 
    644     if(&is_base64_or_alphanumeric($text)) { 
     650    if(&conforms_to_mod_base64($text)) { 
     651    # base64 encodes certain chars with + and /, but if we'd encoded it, we'd 
     652    # have replaced them with - and _ respectively. Undo this before decoding. 
     653    $text =~ s/\-/\+/g;      # - -> + 
     654    $text =~ s/\_/\//g;      # _ -> / 
    645655    $text = &MIME::Base64::decode_base64($text); 
    646656    } 
     
    648658} 
    649659 
    650 # Returns through if the given string is compatible with base64 (which  
    651 # includes regular ASCII alphanumeric values). This method does not  
    652 # guarantee that base64_decoding will return anything meanigful, since  
    653 # this will return true for any simple alphanumeric ASCII string as well. 
    654 sub is_base64_or_alphanumeric { 
     660# Returns true if the given string is compatible with a modified version 
     661# of base64 (where the + and / are replaced with - and _), a format which  
     662# includes also regular ASCII alphanumeric values. This method does not  
     663# guarantee that the given string is actually base64 encoded, since it will 
     664# return true for any simple alphanumeric ASCII string as well.  
     665sub conforms_to_mod_base64 { 
    655666    my ($text) = @_; 
    656     # base 64 takes alphanumeric and [+/=]  
    657     # (note that in some cases - and _ replace + and /) 
    658     return ($text =~ m/^[A-Za-z0-9\+\/\=]+$/); 
    659 } 
    660  
    661 # Returns true if the text is base64 chars or additionally contains - and/or _ 
    662 sub is_safe_filename_chars { 
    663     my ($text) = @_; 
    664     return ($text =~ m/^[A-Za-z0-9\+\/\=\-\_]+$/); #alphanumeric,[+/=-_] 
     667    # base 64 takes alphanumeric and [=+/],  
     668    # but we use modified base64 where + and / are replaced with  - and _ 
     669    return ($text =~ m/^[A-Za-z0-9\=\-\_]+$/); #alphanumeric and [=-_] 
    665670} 
    666671