#16 Some URLs result in a BYPASS loop

[Richard Eames]

This problem occurs in the current stable and beta
versions of Dansguardian.

I've enabled the BYPASS feature and it works well.
However, certain URLs seem to cause a infinite loop
of BYPASSes: The particular one I've found is the
ebay advanced search. I fI click on the advanced
search button immediately after entering EBAY. The
problem appears to be caused by the bypass hash being
generated from an escaped URL (the & is converted
into &amp); while the hash generated for comparison
the next time the page is visited isn't escaped.
Hence the two URL's are actually different and the
hashes don't match (see below):

FIRST (just before BYPASS page is displayed

Sep 15 16:38:31 apsu dansguardian: Generate hash
GBYPASS=271760007A26C351403FB3B6C6129F051158311310
from url
http://search.ebay.com.au/ws/search/AdvSearch?
sofindtype=13&ssPageName=h:h:advsearch:AU

SECOND (generating new hash to compare with the one
extracted from GBYPASS=)

Sep 15 16:38:32 apsu dansguardian: URL is
http://search.ebay.com.au/ws/search/AdvSearch?
sofindtype=13&ssPageName=h:h:advsearch:AU

AND The hashes don't match:

Sep 15 16:38:32 apsu dansguardian: URL GBYPASS hash
mismatch

I'm continuing to delve into the code to try to find
out why one is escaped and the other isn't.

Richard Eames

[Richard Eames]

Config files and template

[Richard Eames]

Logged In: YES
user_id=1600371

One quick point : The first URL is the actual one displayed
in the web browser:

http://search.ebay.com/ws/search/AdvSearch?sofindtype=13&ssPageName=h:h:advsearch:US

SO it's the second one which is wrong?

[Richard Eames]

Logged In: YES
user_id=1600371

OK I've found out where it happens (although I'm not sure of
a fix):

When the BYPASS page is displayed the URL for the bypass is
http://search.ebay.com/ws/search/AdvSearch?sofindtype=13&ssPageName=h:h:advsearch:US&GBYPASS=224C4A1168EF2FEC4D076C6E100ED7511158547458
(looking at the page source)

But the link actually displayed is

http://search.ebay.com.au/ws/search/AdvSearch?sofindtype=13&ssPageName=h:h:advsearch:AU&GBYPASS=546D295AD58B5D7C75EC5E28655CC0AA1158547700

And of course the generated hash is wrong as a result of the
change.

[Richard Eames]

Logged In: YES
user_id=1600371

I've added some code as a work around to HTMLTemplate.cpp in
the BYPASS section just after

            else if (line == "-BYPASS-") {
                    if (hashed.length() > 0) {
                            line = *url;

The code below is just a hack since there are other codes
such as &amp etc:

                           while (line.contains("&")) {
                              before = line.before("&");
                              after = line.after("&");
                              templine = before +

"&";
line = after;
}
if (
strlen(templine.toCharArray()) ) {
line = templine + after;
}

[James Jalbert]

Any word of a fix for this issue?