From bc398e23ce4e682fc84f84c40037ba8eae052a70 Mon Sep 17 00:00:00 2001 From: Julian Blake Kongslie Date: Tue, 18 Jan 2011 19:29:49 -0800 Subject: Durr, actually install the AJAX CGI. --- pinyweb/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pinyweb') diff --git a/pinyweb/Makefile b/pinyweb/Makefile index 4c0055d..1dad8bd 100644 --- a/pinyweb/Makefile +++ b/pinyweb/Makefile @@ -3,7 +3,7 @@ build: install: install -o root -g root -m 755 -d $(DESTDIR)/usr/lib/cgi-bin/piny $(DESTDIR)/usr/sbin - install -o root -g root -m 755 cgi-bin/newuser.cgi $(DESTDIR)/usr/lib/cgi-bin/piny + install -o root -g root -m 755 cgi-bin/checkconstraint.cgi cgi-bin/newuser.cgi $(DESTDIR)/usr/lib/cgi-bin/piny install -o root -g root -m 755 cgi-bin/auth/* $(DESTDIR)/usr/lib/cgi-bin/piny/auth install -o root -g shadow -m 4754 suid/piny-suid $(DESTDIR)/usr/sbin # FIXME: this should really be www-data somehow -- cgit v1.2.3 From eb8dc87dca8089bfccaed79db0ed3b5483054472 Mon Sep 17 00:00:00 2001 From: Julian Blake Kongslie Date: Tue, 18 Jan 2011 19:46:33 -0800 Subject: Do something more reasonable with OPTIONS requests. --- pinyweb/cgi-bin/checkconstraint.cgi | 36 +++++++++++++++++++++--------------- 1 file changed, 21 insertions(+), 15 deletions(-) (limited to 'pinyweb') diff --git a/pinyweb/cgi-bin/checkconstraint.cgi b/pinyweb/cgi-bin/checkconstraint.cgi index 8db0903..757bcaa 100755 --- a/pinyweb/cgi-bin/checkconstraint.cgi +++ b/pinyweb/cgi-bin/checkconstraint.cgi @@ -11,29 +11,35 @@ use Piny; my $q = CGI->new( ); -my $type = $q->param( 't' ); -my $value = $q->param( 'v' ); - -if ( not defined $type or not defined $value ) { - print "Status: 400 Bad Request\nContent-type: application/json\n\n"; - print encode_json( { "ok" => JSON::false, "msg" => "Unable to validate due to client-side error, please reload this page. Required parameter missing." } ); +if ( $q->request_method( ) eq "OPTIONS" ) { + print "Status: 204 No Content\nAccess-Control-Allow-Origin: *\n\n"; } else { - my $constraint = find_type_constraint( $type ); + my $type = $q->param( 't' ); + my $value = $q->param( 'v' ); - if ( not defined $constraint ) { + if ( not defined $type or not defined $value ) { print "Status: 400 Bad Request\nContent-type: application/json\n\n"; - print encode_json( { "ok" => JSON::false, "msg" => "Unable to validate due to client-side error, please reload this page. Invalid constraint name." } ); + print encode_json( { "ok" => JSON::false, "msg" => "Unable to validate due to client-side error, please reload this page. Required parameter missing." } ); } else { - print "Status: 200 OK\nContent-type: application/json\n\n"; - - my $error = $constraint->validate( $value ); + my $constraint = find_type_constraint( $type ); - if ( defined $error ) { - print encode_json( { "ok" => JSON::false, "msg" => $error } ); + if ( not defined $constraint ) { + print "Status: 400 Bad Request\nContent-type: application/json\n\n"; + print encode_json( { "ok" => JSON::false, "msg" => "Unable to validate due to client-side error, please reload this page. Invalid constraint name." } ); } else { - print encode_json( { "ok" => JSON::true } ); + + print "Status: 200 OK\nContent-type: application/json\n\n"; + + my $error = $constraint->validate( $value ); + + if ( defined $error ) { + print encode_json( { "ok" => JSON::false, "msg" => $error } ); + } else { + print encode_json( { "ok" => JSON::true } ); + }; + }; }; -- cgit v1.2.3 From e7c9099ecdd3a9a06a63afef822dcdf4db55267b Mon Sep 17 00:00:00 2001 From: Julian Blake Kongslie Date: Tue, 18 Jan 2011 19:48:13 -0800 Subject: One more header. --- pinyweb/cgi-bin/checkconstraint.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pinyweb') diff --git a/pinyweb/cgi-bin/checkconstraint.cgi b/pinyweb/cgi-bin/checkconstraint.cgi index 757bcaa..65feabb 100755 --- a/pinyweb/cgi-bin/checkconstraint.cgi +++ b/pinyweb/cgi-bin/checkconstraint.cgi @@ -12,7 +12,7 @@ use Piny; my $q = CGI->new( ); if ( $q->request_method( ) eq "OPTIONS" ) { - print "Status: 204 No Content\nAccess-Control-Allow-Origin: *\n\n"; + print "Status: 204 No Content\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\n\n"; } else { my $type = $q->param( 't' ); -- cgit v1.2.3 From 08933e7b90bfb5c24c35148a756e67c5b5ca97bb Mon Sep 17 00:00:00 2001 From: Julian Blake Kongslie Date: Tue, 18 Jan 2011 19:53:56 -0800 Subject: more access control --- pinyweb/cgi-bin/checkconstraint.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pinyweb') diff --git a/pinyweb/cgi-bin/checkconstraint.cgi b/pinyweb/cgi-bin/checkconstraint.cgi index 65feabb..b05eaf5 100755 --- a/pinyweb/cgi-bin/checkconstraint.cgi +++ b/pinyweb/cgi-bin/checkconstraint.cgi @@ -12,7 +12,7 @@ use Piny; my $q = CGI->new( ); if ( $q->request_method( ) eq "OPTIONS" ) { - print "Status: 204 No Content\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\n\n"; + print "Status: 204 No Content\nAccess-Control-Allow-Headers: *\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\n\n"; } else { my $type = $q->param( 't' ); -- cgit v1.2.3 From 440828df27d582be10ed3d131216f9e074b6ab29 Mon Sep 17 00:00:00 2001 From: Julian Blake Kongslie Date: Tue, 18 Jan 2011 19:58:47 -0800 Subject: and another one --- pinyweb/cgi-bin/checkconstraint.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pinyweb') diff --git a/pinyweb/cgi-bin/checkconstraint.cgi b/pinyweb/cgi-bin/checkconstraint.cgi index b05eaf5..4ff939c 100755 --- a/pinyweb/cgi-bin/checkconstraint.cgi +++ b/pinyweb/cgi-bin/checkconstraint.cgi @@ -12,7 +12,7 @@ use Piny; my $q = CGI->new( ); if ( $q->request_method( ) eq "OPTIONS" ) { - print "Status: 204 No Content\nAccess-Control-Allow-Headers: *\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\n\n"; + print "Status: 204 No Content\nAccess-Control-Allow-Headers: *\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\nAccess-Control-Max-Age: 3600\n\n"; } else { my $type = $q->param( 't' ); -- cgit v1.2.3 From a586352a0c9e9387987a1645842f4636c65f48be Mon Sep 17 00:00:00 2001 From: Julian Blake Kongslie Date: Tue, 18 Jan 2011 20:19:44 -0800 Subject: More status code changes. --- pinyweb/cgi-bin/checkconstraint.cgi | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'pinyweb') diff --git a/pinyweb/cgi-bin/checkconstraint.cgi b/pinyweb/cgi-bin/checkconstraint.cgi index 4ff939c..e0a59c3 100755 --- a/pinyweb/cgi-bin/checkconstraint.cgi +++ b/pinyweb/cgi-bin/checkconstraint.cgi @@ -12,21 +12,21 @@ use Piny; my $q = CGI->new( ); if ( $q->request_method( ) eq "OPTIONS" ) { - print "Status: 204 No Content\nAccess-Control-Allow-Headers: *\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\nAccess-Control-Max-Age: 3600\n\n"; + print "Status: 200 OK\nAccess-Control-Allow-Headers: *\nAccess-Control-Allow-Methods: GET, OPTIONS, POST\nAccess-Control-Allow-Origin: *\nAccess-Control-Max-Age: 3600\nContent-Type: text/plain\n\n"; } else { my $type = $q->param( 't' ); my $value = $q->param( 'v' ); if ( not defined $type or not defined $value ) { - print "Status: 400 Bad Request\nContent-type: application/json\n\n"; + print "Status: 200 OK\nContent-type: application/json\n\n"; print encode_json( { "ok" => JSON::false, "msg" => "Unable to validate due to client-side error, please reload this page. Required parameter missing." } ); } else { my $constraint = find_type_constraint( $type ); if ( not defined $constraint ) { - print "Status: 400 Bad Request\nContent-type: application/json\n\n"; + print "Status: 200 OK\nContent-type: application/json\n\n"; print encode_json( { "ok" => JSON::false, "msg" => "Unable to validate due to client-side error, please reload this page. Invalid constraint name." } ); } else { -- cgit v1.2.3