summaryrefslogtreecommitdiff
path: root/networking/httpd_index_cgi_example
diff options
context:
space:
mode:
Diffstat (limited to 'networking/httpd_index_cgi_example')
-rw-r--r--networking/httpd_index_cgi_example55
1 files changed, 55 insertions, 0 deletions
diff --git a/networking/httpd_index_cgi_example b/networking/httpd_index_cgi_example
new file mode 100644
index 0000000..31e768c
--- /dev/null
+++ b/networking/httpd_index_cgi_example
@@ -0,0 +1,55 @@
+#!/bin/sh
+# This CGI creates directory index.
+# Put it into cgi-bin/index.cgi and chmod 0755.
+#
+# Problems:
+# * Unsafe wrt weird filenames with <>"'& etc...
+# * Not efficient: calls stat (program, not syscall) for each file
+# * Probably requires bash
+#
+# If you want speed and safety, you need to code it in C
+
+# Must start with '/'
+test "${QUERY_STRING:0:1}" = "/" || exit 1
+# /../ is not allowed
+test "${QUERY_STRING%/../*}" = "$QUERY_STRING" || exit 1
+test "${QUERY_STRING%/..}" = "$QUERY_STRING" || exit 1
+
+# Outta cgi-bin...
+cd .. 2>/dev/null || exit 1
+# Strip leading '/', go to target dir
+cd "${QUERY_STRING:1}" 2>/dev/null || exit 1
+
+f=`dirname "$QUERY_STRING"`
+test "$f" = "/" && f=""
+
+# Pipe thru dd (need to write header as single write(),
+# or else httpd doesn't see "Content-type: text/html"
+# in first read() and decides that it is not html)
+{
+printf "%s" \
+$'HTTP/1.0 200 OK\r\n'\
+$'Content-type: text/html\r\n\r\n'\
+"<html><head><title>Index of $QUERY_STRING</title></head>"$'\r\n'\
+"<body><h1>Index of $QUERY_STRING</h1><pre>"$'\r\n'\
+$'<table width=100%>\r\n'\
+$'<col><col><col width=0*>\r\n'\
+$'<tr><th>Name<th align=right>Last modified<th align=right>Size\r\n'\
+\
+"<tr><td><a href='$f/'>..</a><td><td>"$'\r\n'
+
+IFS='#'
+for f in *; do
+ # Guard against empty dirs...
+ test -e "$f" && \
+ stat -c "%F#%s#%z" "$f" | {
+ read type size cdt junk
+ dir=''
+ test "$type" = "directory" && dir='/'
+ cdt="${cdt//.*}" # no fractional seconds
+ cdt="${cdt// /&nbsp;}" # prevent wrapping around space
+ printf "%s" "<tr><td><a href='$f$dir'>$f</a><td align=right>$cdt<td align=right>$size"$'\r\n'
+ }
+done
+printf "</table></pre><hr></body></html>"$'\r\n'
+} | dd bs=4k