diff options
author | Adam Chlipala <adam@chlipala.net> | 2015-02-12 15:09:26 -0500 |
---|---|---|
committer | Adam Chlipala <adam@chlipala.net> | 2015-02-12 15:09:26 -0500 |
commit | 1ea383a0e73f63d142d3539d984c9e2f4b7f0076 (patch) | |
tree | 596746366c6cc096adda95bb8ba55907ef3230f7 /src/cjr_print.sml | |
parent | db08876a6942aea26ef0d798a0951fc559e2c624 (diff) |
The 2nd half of proper CSRF protection related to environment variables
Diffstat (limited to 'src/cjr_print.sml')
-rw-r--r-- | src/cjr_print.sml | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/cjr_print.sml b/src/cjr_print.sml index 0867f001..b3b12fe8 100644 --- a/src/cjr_print.sml +++ b/src/cjr_print.sml @@ -3260,6 +3260,16 @@ fun p_file env (ds, ps) = string "))"])) NONE cookies + val cookieCode = foldl (fn (evar, acc) => + SOME (case acc of + NONE => string ("uw_unnull(uw_Basis_getenv(ctx, \"" + ^ Prim.toCString evar ^ "\"))") + | SOME acc => box [string ("uw_Basis_strcat(ctx, uw_unnull(uw_Basis_getenv(ctx, \"" + ^ Prim.toCString evar ^ "\")), uw_Basis_strcat(ctx, \"/\", "), + acc, + string "))"])) + cookieCode (SideCheck.readEnvVars ()) + fun makeChecker (name, rules : Settings.rule list) = box [string "static int ", string name, |