Changeset 39000

Timestamp:

2024-05-07T14:46:46+12:00 (2 weeks ago)

Author:

kjdon

Message:

the usecookies option has been renamed to usecookiesForUID to better reflect what it means. A new option usecookiesForE is added. If this is set to true (the default), then the e arg will be saved as a cookie, instead of being set into the various compressedoptions macros (which will now be empty). nzdl.org is getting hammered by bots, and one theory is that the e arg changes everytime so looks like a new page when its not.

Location:

main/trunk/greenstone2/runtime-src/src/recpt

Files:

• cgiwrapper.cpp (modified) (1 diff)
• receptionist.cpp (modified) (9 diffs)
• receptionist.h (modified) (2 diffs)
• statusaction.cpp (modified) (1 diff)

main/trunk/greenstone2/runtime-src/src/recpt/cgiwrapper.cpp

@@ -388 +388 @@
        << "  from the command line as it would be when run from your\n"
        << "  web server.\n";
-  if (configinfo.usecookies) 
-    cout << "cookies are enabled\n";
+  if (configinfo.usecookiesForUID) 
+    cout << "UID will be saved as a cookie\n";
   else 
-    cout << "cookies are disabled\n";
+    cout << "UID not saved as a cookie\n";
+  if (configinfo.usecookiesForE) 
+    cout << "The e arg will be saved as a cookie\n";
+  else 
+    cout << "The e arg is not saved as a cookie - set usecookiesForE to true to use cookies for e \n";
   if (configinfo.logcgiargs) 
     cout << "logging is enabled\n";

main/trunk/greenstone2/runtime-src/src/recpt/receptionist.cpp

@@ -63 +63 @@
   macrofiles.erase(macrofiles.begin(), macrofiles.end());
   saveconf.clear();
-  usecookies = false;
+  usecookiesForUID = false;
+  usecookiesForE = true;
   logcgiargs = false;
   LogDateFormat = LocalTime;
@@ -251 +252 @@
     }
     else if (key == "saveconf") configinfo.saveconf = cfgline[0];
-    else if (key == "usecookies") configinfo.usecookies = (cfgline[0] == "true");
+    // keep usecookies here for backwards compatibility
+    else if (key == "usecookies" || key == "usecookiesForUID") configinfo.usecookiesForUID = (cfgline[0] == "true");
+    else if (key == "usecookiesForE") configinfo.usecookiesForE = (cfgline[0] == "true");
     else if (key == "logcgiargs") configinfo.logcgiargs = (cfgline[0] == "true");
     else if (key == "maintainer") configinfo.maintainer = cfgline[0];
@@ -594 +597 @@
   args.clear();
   split_cgi_args (argsinfo, argstr, args);
- 
+
+  // get e cookie
+  if (configinfo.usecookiesForE) get_named_cookie(args["e"], "GSDL_E", fcgienv);
   // expand the compressed argument (if there was one)
   if (!expand_save_args (argsinfo, configinfo.saveconf, args, logout)) return false;
@@ -605 +610 @@
  
   // get the cookie
-  if (configinfo.usecookies) get_cookie(args["z"], fcgienv);
+  if (configinfo.usecookiesForUID) get_uid_cookie(args["z"], fcgienv);
   
   // if we're changing languages, set the encoding to the default for the new language
@@ -672 +677 @@
 
 
+// Returns true if cookie exists, false if not
+bool receptionist::get_named_cookie (text_t &cookie, text_t cookie_name, text_tmap &fcgienv)
+{
+  
+  // See if we can get the cookies
+  text_t cookiestring = gsdl_getenv ("HTTP_COOKIE", fcgienv);
+  if (cookiestring.empty()) return false;
+    // This should really be handled by the findword function...
+  
+    // Check if the cookie contains 'cookie_name'
+  text_t cid = cookie_name+"=";
+  text_t::iterator cid_start = findword(cookiestring.begin(), cookiestring.end(), cid);
+  if (cid_start != cookiestring.end())
+  {
+    // Yes, so extract its value
+    cookie = substr(cid_start + cid.size(), findchar(cid_start + cid.size(), cookiestring.end(), ';'));
+    return true;
+  }
+  return false;
+}
+
 // Returns true if cookie already existed, false if it was generated
-bool receptionist::get_cookie (text_t &cookie, text_tmap &fcgienv)
+bool receptionist::get_uid_cookie (text_t &cookie, text_tmap &fcgienv)
 {
   // See if we can get the GSDL_UID cookie
-  text_t cookiestring = gsdl_getenv ("HTTP_COOKIE", fcgienv);
-  if (!cookiestring.empty()) // This should really be handled by the findword function...
-  {
-    // Check if the cookie contains GSDL_UID
-    text_t gsdl_uid = "GSDL_UID=";
-    text_t::iterator gsdl_uid_start = findword(cookiestring.begin(), cookiestring.end(), gsdl_uid);
-    if (gsdl_uid_start != cookiestring.end())
-    {
-      // Yes, so extract its value
-      cookie = substr(gsdl_uid_start + gsdl_uid.size(), findchar(gsdl_uid_start + gsdl_uid.size(), cookiestring.end(), ';'));
-      return true;
-    }
-  }
-
+  bool found = get_named_cookie(cookie, "GSDL_UID", fcgienv);
+  if (found) return true;
   // Generate a new key "[host]-[epoch time]", e.g. test.com-1256764496
   cookie.clear();
@@ -706 +720 @@
 
 // Same as above but just tests if cookie exists
-bool receptionist::get_cookie (text_tmap &fcgienv)
+bool receptionist::has_uid_cookie (text_tmap &fcgienv)
 {
   text_t cookie_jar = "";
-  return get_cookie(cookie_jar, fcgienv);
+  return get_named_cookie(cookie_jar, "GSDL_UID", fcgienv);
+
 }
 
@@ -957 +972 @@
 
     // add cookie if required
-    if (configinfo.usecookies && !get_cookie(fcgienv))
+    if (configinfo.usecookiesForUID && !has_uid_cookie(fcgienv))
       response_data += "\nSet-Cookie: GSDL_UID=" + args["z"]
     + "; expires=Fri, 25-Dec-2037 00:00:00 GMT";
+    if (configinfo.usecookiesForE) {
+      // set the GSDL_E cookie
+      response_data += "\nSet-Cookie: GSDL_E=" + get_compressed_arg (args, logout)
+    + "; expires=Fri, 25-Dec-2037 00:00:00 GMT";
+    }
+        
   }
 }
@@ -1476 +1497 @@
 
 
-  text_t compressedoptions = get_compressed_arg(args, logout);
+  text_t compressedoptions = "";
+  if (!configinfo.usecookiesForE) {
+    compressedoptions = get_compressed_arg(args, logout);
+  }
   disp.setmacro ("compressedoptions", displayclass::defaultpackage, dm_safe(compressedoptions));
   //disp.setmacro ("compressedoptionsUrlsafe", displayclass::defaultpackage, encodeForURL(dm_safe(compressedoptions))); // seems to be unnecessary after testing e=hack or e=hack<collect>... or e=...<collect>hack in a live server
@@ -1498 +1522 @@
   // the old version was dm_safed, so make a dm safe version in case we need it
   disp.setmacro ("decodedcompressedoptionsAttrDmsafe", displayclass::defaultpackage, encodeForHTMLAttr(dm_safe(dmacrovalue)));
+
 
 #if defined (__WIN32__)

main/trunk/greenstone2/runtime-src/src/recpt/receptionist.h

@@ -88 +88 @@
    text_tset macrofiles;
    text_t saveconf;
-   bool usecookies;  // true if we want cookies set
+   bool usecookiesForUID;  // true if we want to save user id as a cookie
+  bool usecookiesForE; // true if want to save the e arg as a cookie instead of passing it round as an arg
    bool logcgiargs;  // true if we want to log cgi arguments
    
@@ -143 +144 @@
                 ostream &logout);
    
-   bool get_cookie (text_t &cookie, text_tmap &fcgienv);
-   bool get_cookie (text_tmap &fcgienv);
-   
+   bool get_uid_cookie (text_t &cookie, text_tmap &fcgienv);
+   bool has_uid_cookie (text_tmap &fcgienv);
+  bool get_named_cookie (text_t &cookie, const text_t cookie_name, text_tmap &fcgienv);
+  
    // get the default encoding for the given language - if it fails for any
    // reason, return ""

main/trunk/greenstone2/runtime-src/src/recpt/statusaction.cpp

@@ -171 +171 @@
       << "\"</td></tr>\n";
 
-  // usecookies
-  textout << outconvert << "<tr valign=top><th>usecookies</th><td>\"";
-  if (rcinfo.usecookies) textout << outconvert << "true";
+  // usecookiesForUID
+  textout << outconvert << "<tr valign=top><th>usecookiesForUID</th><td>\"";
+  if (rcinfo.usecookiesForUID) textout << outconvert << "true";
+  else textout << outconvert << "false";
+  textout << outconvert << "\"</td></tr>\n";
+  // usecookiesForE
+  textout << outconvert << "<tr valign=top><th>usecookiesForE</th><td>\"";
+  if (rcinfo.usecookiesForE) textout << outconvert << "true";
   else textout << outconvert << "false";
   textout << outconvert << "\"</td></tr>\n";