From b59ef4b75504f697d560728007946c3aa95bc3dd Mon Sep 17 00:00:00 2001 From: Matthias Andreas Benkard Date: Mon, 27 Feb 2012 21:38:57 +0100 Subject: =?UTF-8?q?Book=20Marx:=20Support=20an=20additional=20=E2=80=9Ctit?= =?UTF-8?q?le=E2=80=9D=20URI=20parameter.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/mulk/benki/book_marx.clj | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/src/mulk/benki/book_marx.clj b/src/mulk/benki/book_marx.clj index 1ac7b8d..e1f0850 100644 --- a/src/mulk/benki/book_marx.clj +++ b/src/mulk/benki/book_marx.clj @@ -94,19 +94,22 @@ (catch java.lang.Exception e# nil))) -(defpage [:get "/marx/submit"] {uri :uri, description :description, origin :origin} +(defpage [:get "/marx/submit"] {uri :uri, description :description, origin :origin, title :title} (with-auth - (let [title (m/domonad m/maybe-m - ;; FIXME: Using slurp here is a potential security problem - ;; because it permits access to internal resources! - [:when uri - :when (or (.startsWith uri "http://") - (.startsWith uri "https://")) - soup (ignore-errors (slurp uri)) - page (org.jsoup.Jsoup/parse soup) - title (.select page "title")] - (.text title)) - origin (or origin (get-in (request/ring-request) [:headers "Referer"]))] + (let [title (or title + (m/domonad m/maybe-m + ;; FIXME: Using slurp here is a potential security problem + ;; because it permits access to internal resources! + [:when uri + :when (or (.startsWith uri "http://") + (.startsWith uri "https://")) + soup (ignore-errors (slurp uri)) + page (org.jsoup.Jsoup/parse soup) + title (.select page "title")] + (.text title))) + origin (or origin + (get-in (request/ring-request) [:headers "Referer"]) + uri)] (layout bookmarx-submission-page "Submit New Bookmark" [:form {:method "POST"} [:table -- cgit v1.2.3