projects
/
project
/
luci.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
treewide: filter shell arguments through shellquote() where applicable
[project/luci.git]
/
applications
/
luci-app-tinyproxy
/
luasrc
/
view
/
tinyproxy_status.htm
diff --git
a/applications/luci-app-tinyproxy/luasrc/view/tinyproxy_status.htm
b/applications/luci-app-tinyproxy/luasrc/view/tinyproxy_status.htm
index
c85a206
..
2ba9ddd
100644
(file)
--- a/
applications/luci-app-tinyproxy/luasrc/view/tinyproxy_status.htm
+++ b/
applications/luci-app-tinyproxy/luasrc/view/tinyproxy_status.htm
@@
-13,7
+13,11
@@
if luci.http.formvalue("frame") == "1" then
end)
local data = false
end)
local data = false
- local wget = io.popen("wget -qO- http://%s:%s" % { addr, port })
+ local wget = io.popen("wget -qO- http://%s:%s" %{
+ luci.util.shellquote(addr),
+ luci.util.shellquote(port)
+ })
+
if wget then
while true do
local l = wget:read("*l")
if wget then
while true do
local l = wget:read("*l")
@@
-30,7
+34,10
@@
if luci.http.formvalue("frame") == "1" then
if not data then
luci.http.write(translate("Failed to retrieve statistics from url:"))
if not data then
luci.http.write(translate("Failed to retrieve statistics from url:"))
- luci.http.write(" http://%s:%s" % { addr, port })
+ luci.http.write(" http://%s:%s" %{
+ luci.util.pcdata(addr),
+ luci.util.pcdata(port)
+ })
end
return
end
return
@@
-41,9
+48,9
@@
end
<%+header%>
<div class="cbi-map">
<%+header%>
<div class="cbi-map">
- <h2
><a id="content" name="content"><%:Tinyproxy Status%></a
></h2>
+ <h2
name="content"><%:Tinyproxy Status%
></h2>
<div class="cbi-section">
<div class="cbi-section">
- <iframe src="<%=REQUEST
URL
%>?frame=1" style="width:100%; height:350px; border:none"></iframe>
+ <iframe src="<%=REQUEST
_URI
%>?frame=1" style="width:100%; height:350px; border:none"></iframe>
</div>
</div>
</div>
</div>