X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/odin-cgi/blobdiff_plain/f8e94fc635a944aa7292506bb689d994a3652bd6..fd83afba2d3ebb14bbacdef2802bc5d415ea3705:/mason/pastebin/dhandler?ds=sidebyside diff --git a/mason/pastebin/dhandler b/mason/pastebin/dhandler index 7f6ea24..8583981 100644 --- a/mason/pastebin/dhandler +++ b/mason/pastebin/dhandler @@ -7,6 +7,13 @@ -path => "$Odin::PASTEBIN_PATH/", %attr; } + sub hasuff ($) { + my ($edit) = @_; + return $Odin::COOKIE{"odin-cookie-probe"} ? "" : "?honc=$edit"; + } + + Odin::bake_cookie $r, "odin-cookie-probe=t"; + my %props = ( lang => $lang, title => $title, content => Odin::tidy_pastebin_content $content @@ -22,7 +29,8 @@ $m->print($old{content}); } else { $edit = $Odin::COOKIE{"odin-handoff.$tag"}; - $m->comp("%show", tag => $tag, edit => $edit, %old); + $m->comp("%show", tag => $tag, + honc => $honc, edit => $edit // $honc, %old); } } else { if ($op eq "del") { @@ -32,14 +40,17 @@ } else { set_handoff_cookie $tag, $edit; my $editp = Odin::update_pastebin $tag, $edit, %props; - if ($editp) { $m->redirect("$Odin::PASTEBIN/$tag"); } - else { $m->comp("%edit", tag => $tag, edit => $edit, %props); } + if ($editp) { + $m->redirect("$Odin::PASTEBIN/$tag" . hasuff $edit); + } else { + $m->comp("%edit", tag => $tag, edit => $edit, %props); + } } } } elsif (defined $content) { ($tag, $edit) = Odin::new_pastebin %props; set_handoff_cookie $tag, $edit; - $m->redirect("$Odin::PASTEBIN/$tag"); + $m->redirect("$Odin::PASTEBIN/$tag" . hasuff $edit); } else { Odin::path_info($r) =~ m:/$: or $m->redirect("$Odin::PASTEBIN/", 301); @@ -52,6 +63,7 @@ $edit => undef $lang => undef $title => undef + $honc => undef $op => "edit" %# @@ -64,8 +76,17 @@ tag ‘<% $tag %>’ not found %# +<%def .badpaste> +<&| SELF:error, status => 400 &>\ +invalid paste content + +<%args> + $tag + + +%# <%def .badhash> -<&| SELF:error, status => 404 &>\ +<&| SELF:error, status => 403 &>\ incorrect edit key <%args>