#51 logs parsing fails on unescaped variable

0.7.x
open
nobody
General (39)
5
2012-09-14
2010-03-26
Richard
No

If a user authenticates to the proxy using DOMAIN\USERNAME instead of just USERNAME then when the logs.cgi parses the log file it gets tripped up on the unescaped \ in the $user variable

logs.cgi:Line 710
return if (($sUN ne 'ALL') && ($sUN !~ m/^$user$/i));

The temporary solution I've put into place is to \Q quote \E endquote the $user variable. This is not the best fix because the logs fail to pickup the DOMAIN\USER when making a match.

Temporary solution: return if (($sUN ne 'ALL') && ($sUN !~ m/^.*\Q$user\E$/i));

What is the best way to address this? Is it best addressed in the regexp match line?

Discussion


Log in to post a comment.