Fix directory traversal issue in extension doc server.

chrome/common/extensions/docs/server/chromeextensionsdocs.py

 #!/usr/bin/python
 # Copyright (c) 2011 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 import cgi
 import logging
 import re
 import os
 
@@ skipping 54 matching lines @@
       logging.info("Cache miss: " + path)
       url = self.getSrcUrl(path)
       if (url[1] is not Channel.TRUNK) and (url[0] != "http://src.chromium.org/favicon.ico"):
         branch = self.getBranch(url[1])
         url = url[0] % branch
       else:
         url = url[0]
       logging.info("Path: " + self.request.path)
       logging.info("Url: " + url)
       try:
-        result = urlfetch.fetch(url + self.request.query_string)
+        # TODO(aa): Do we need to pass the querystring through here? We used to,

[Mihai Parparita -not on Chrome, 2011/11/15 14:44:49]

You could also switch this to url + '?' + self.request.query_string (which I
assume is closer to the intent of the original code).

[Aaron Boodman, 2011/11/15 19:06:57]

Aha! In that case, I'm comfortable just removing this completely since it wasn't
working before anyway. Thanks :)

+        # but that caused problems. See crbug.com/104272.
+        result = urlfetch.fetch(url)
         if result.status_code != 200:
           logging.error("urlfetch failed: " + url)
           # TODO(nickbaum): what should we do when the urlfetch fails?
       except:
         logging.error("urlfetch failed: " + url)
         # TODO(nickbaum): what should we do when the urlfetch fails?
       try:
         if not memcache.add(path, result, DEFAULT_CACHE_TIME):
           logging.error("Memcache set failed.")
       except:
@@ skipping 179 matching lines @@
   ('/.*', MainPage),
 ], debug=False)
 
 
 def main():
   run_wsgi_app(application)
 
 
 if __name__ == '__main__':
   main()