So my velocity is working fine if user sends 'lorem' just fine, it also works great if he sends lorem but when he sends "lorem" it breaks,
is there any way that I can escape both " from that result that user is sending or even better to replace it with single quotes ? ( ' )
Related
Today I got an error and was very surprised to get it since everything looked just fine...
I have a CGI written in C++ which accepts URIs with a query string. The query string is what selects the page, etc. The CGI is installed in the standard location for an Ubuntu installation:
/usr/lib/cgi-bin/snapmanager.cgi
Today I was finishing up adding a Login screen and once logged in, I wanted to add a logout link. The link simply adds ?logout at the end of the URI:
http://www.example.com/cgi-bin/snapmanager.cgi?logout
That failed.
Checking the error log, I got an error saying that "logout" actually appeared on the command line. Rather surprising, if you ask me! I tried with:
http://www.example.com/cgi-bin/snapmanager.cgi?logout=now
and everything worked as expected. No logout on the command line.
I also tried:
http://www.example.com/cgi-bin/snapmanager.cgi?logout&host=foo
And that worked too. Again, no logout on the command line.
However, if I switch the parameters position it fails again:
http://www.example.com/cgi-bin/snapmanager.cgi?host=foo&logout
So it looks like Apache2 calls my CGI with the logout query string as a parameter on the command line when that one query string name is defined last.
Just in case, I tried to add dashes at the start of the name, and sure enough, that appears as a command line switch in my logs!
error:snapmanager.cgi: option --logout is not supported.
Really scary. This is a huge security risk if you know of a switch that can "tweak things your way"...
Is that documented somewhere?
I actually found the answer in RFC3875 in paragraph 4.4
4.4. The Script Command Line
Some systems support a method for supplying an array of strings to the CGI script. This is only used in the case of an 'indexed' HTTP query, which is identified by a 'GET' or 'HEAD' request with a URI query string that does not contain any unencoded "=" characters. For such a request, the server SHOULD treat the query-string as a search-string and parse it into words, using the rules
search-string = search-word *( "+" search-word )
search-word = 1*schar
schar = unreserved | escaped | xreserved
xreserved = ";" | "/" | "?" | ":" | "#" | "&" | "=" | "," |
"$"
After parsing, each search-word is URL-decoded, optionally encoded in a system-defined manner and then added to the command line argument list.
If the server cannot create any part of the argument list, then the server MUST NOT generate any command line information. For example, the number of arguments may be greater than operating system or server limits, or one of the words may not be representable as an argument.
The script SHOULD check to see if the QUERY_STRING value contains an unencoded "=" character, and SHOULD NOT use the command line arguments if it does.
Emphasis Mine
I'm using an AutoIt script to automate interaction with a GUI, and part of the process involves using the ControlSend() function to place a file path into a combo box. The majority of the time, the process works properly, but occasionally ( ~ 1/50 calls to the function? ) a single hyphen in the filepath is replaced with an underscore. The script is to be run unsupervised for bulk data processing, and such an error typically results in a forced-focus popup that screams "The file could not be found!" and halts further processing.
Unfortunately, due to the character limit of the combo box, I cannot supply all 16 arguments with a single call, and I am forced to load each of the images individually using the following for-loop:
;Iterate through each command line argument (file path)
For $i = 1 To $CmdLine[0]
;click the "Disk" Button to load an image from disk
ControlClick("Assemble HDR Image", "", "[CLASS:Button; TEXT:Disk; Instance:1]")
;Give the dialogue time to open before entering text
Sleep(1000)
;Send a single file path to the combo box
ControlSend("Open", "" , "Edit1", $CmdLine[$i])
;"Press Enter" to load the image
Send("{ENTER}")
Next
In an errant run, the file path
C:\my\file\path\hdr_2016-04-22T080033_00_rgb
^Hyphen
is converted to
C:\my\file\path\hdr_2016_04-22T080033_00_rgb
^Underscore
Due to the existence of both hyphens and underscores in the file name, it is difficult to perform a programmatic correction (e.g. replace all underscores with hyphens).
What can be done to correct or prevent such an error?
This is both my first attempt at GUI automation and my first question on SO, and I apologize for my lack of experience, poor wording, or deviations from StackOverflow convention.
Just use ControlSetText instead of ControlSend as it will set the complete Text at once and won't allow other keystrokes (like Shift) to interfere with the many virtual keystrokes that the Send-function fires.
If the hyphen is the problem and you need to replace it, you can do so:
#include <File.au3>
; your path
$sPath = 'C:\my\file\path'
; get all files from this path
$aFiles = _FileListToArray($sPath, '*', 1)
; if all your files looks like that (with or without hyphen), you can work with "StringRegExpReplace"
; 'hdr_2016-04-22T080033_00_rgb'
$sPattern = '(\D+\d{4})(.)(.+)'
; it means:
; 1st group: (\D+\d{4})
; \D+ one or more non-digit, i.e. "hdr_"
; \d{4} digit 4-times, i.e. "2016"
; 2nd group: (.)
; . any character, hyphen, underscore or other, only one character, i.e. "~"
; 3rd group: (.+)
; . any character, one or more times, i.e. "22T080033_00_rgb"
; now you change the filename for all cases, where this pattern matches
Local $sTmpName
For $i = 1 To $aFiles[0]
; check for pattern match
If StringRegExp($aFiles[$i]) Then
; replace the 2nd group with underscore
$sTmpName = StringRegExpReplace($aFiles[$i], $sPattern, '\1_\3')
FileMove($sPath & '\' & $aFiles[$i], $sPath & '\' & $sTmpName)
EndIf
Next
How can I ignore text inside double quote in antlr 2 .
for example:
I want to ignore "something random" , "some another random" type text which is inside double quote . How can I do this without my parser failing .
You could do what antlr would do for an XML parser:
form island grammars and lexer modes.
Note that this only works if there are no nested quotes:
As soon as you encounter a " you do a pushmode action and switch to a mode that skips everything except ", and switch back to regular when you see another ". This isn't elegant but should work rather well.
Please help, I can't find the solution
Situation. I have busybox httpd server. In cgi-bin folder is an cgi-executable, which sends to client formatted text by printf command.
Problem is that the text format should look like a column, but client receives only a string. Despite the fact that in "printf" I use "\n" and "(char) 13".
Another words executable doesn't return "return" symbol
I wrote following
for (i=0; i<4;i++)
printf ("%9.8g%c\n", lTemp[i]*dTemp[i], (char) 13 );
The text that is sent from your CGI program to the web client is treated as HTML text, not plain text.
When HTML is processed for display in the browser, newline and carriage return (what you simply call "return") characters are ignored.
To cause the displayed text to perform a line break, the HTML break tag, "< br />" should be inserted into the output string:
printf("%9.8g <br />\r\n", lTemp[i] * dTemp[i]);
The use of newlines and whitespace in the text that your CGI programs generates will have little bearing on the actual HTML page that gets displayed. Use newlines and whitespace to format the HTML so that the source is readable, and use HTML tags to control the displayed text in the client's browser.
BTW
Using a numeric constant and a character conversion in a printf is not the preferred method of outputting a carriage-return character.
Use the defined escape sequence \r in the format.
I'm trying to get an NSTokenField working that allows editing to a similar post here.
The answer that was provided gave me the key but something is still off. What should the token character set be set as? My tags will be in this format "< token text >". Setting the character tokenizer to " " results in the " " between words being removed.
What should I be using as the token character set? This is driving me crazy!
I haven't tried this, but I would use " " as the tokenizer and then add a space at the end of your display string which is not in your editing string.
So -tokenField:displayStringForRepresentedObject: would return "Hello " and -tokenField:editingStringForRepresentedObject: would return "Hello".
The alternative would be using "<" and ">" as the tokenizing characters, but I could see a lot of potential issues arising from that.