January 25th, 2002

livejournal: misc

Module Name: livejournal
Committed By: bradfitz
Date: Fri Jan 25 23:47:29 UTC 2002

Modified Files:
---------------
livejournal/cgi-bin: ljlib.pl ljprotocol.pl

Log Message:
------------
-- save dudata info on postevent/editevent
-- add some functions to ljlib
-- fix a bug in getevents

To generate a diff of this commit:
cvs rdiff -r1.126 -r1.127 livejournal/cgi-bin/ljlib.pl
http://danga.com/lj/cvsweb.cgi/livejournal/cgi-bin/ljlib.pl.diff?r1=1.126&r2=1.127
cvs rdiff -r1.61 -r1.62 livejournal/cgi-bin/ljprotocol.pl
http://danga.com/lj/cvsweb.cgi/livejournal/cgi-bin/ljprotocol.pl.diff?r1=1.61&r2=1.62

livejournal: long line cleanup

Module Name: livejournal
Committed By: bradfitz
Date: Sat Jan 26 02:10:53 UTC 2002

Modified Files:
---------------
livejournal/cgi-bin: ljprotocol.pl

Log Message:
------------
all long lines are now split into multiple lines
no functional changes (i hope)


To generate a diff of this commit:
cvs rdiff -r1.62 -r1.63 livejournal/cgi-bin/ljprotocol.pl
http://danga.com/lj/cvsweb.cgi/livejournal/cgi-bin/ljprotocol.pl.diff?r1=1.62&r2=1.63

livejournal: critical performance/security fix

Module Name: livejournal
Committed By: bradfitz
Date: Sat Jan 26 07:39:58 UTC 2002

Modified Files:
---------------
livejournal/cgi-bin: cleanhtml.pl

Log Message:
------------
This regexp could stall before for minutes, proportional exponentially
to the the size of input (journal entry text.)

The problem was using &.{1,7}; as a pattern for entities was too
general, and the . matched past the ; into the next entity, given a
string of, say, give hundred lt entities right in a row.

If you know how regular expression engines work and how they do
backtracking, you'll see why this sucked major ass.

So now \#?\w+ as the entity content body is used instead of ., which
is actually more accurate. I found an SGML BNF that also listed
'&u-' Hex4 ';' as a entity type, but I've never seen that.

In any case, all this is unnecessary soon when we support UTF-8. The
whole reason we had this in the first place was because Russian users
were posting entire posts in entities. (each letter = 5 characters =
sick)


To generate a diff of this commit:
cvs rdiff -r1.8 -r1.9 livejournal/cgi-bin/cleanhtml.pl
http://danga.com/lj/cvsweb.cgi/livejournal/cgi-bin/cleanhtml.pl.diff?r1=1.8&r2=1.9