The sed-request filter applies the sed edit commands to an incoming request entity body, for example, an uploaded file or submitted form.
The following table shows the sed-request parameters:
Table 7–72 sed-request Parameters
Parameter |
Description |
---|---|
Specifies a sed command script. When multiple sed parameters are provided, the sed edit commands are evaluated in the order they appear. |
The following obj.conf code instructs sed-request to encode any (<) and (>) characters posted in an HTML form:
Input fn="insert-filter" method="POST" filter="sed-request" sed="s/</\\</g" sed="s/%3c/\\</g" sed="s/%3C/\\</g" sed="s/>/\\>/g" sed="s/%3e/\\>/g" sed="s/%3E/\\>/g"
Because POST bodies are usually URL-encoded, it is important to check for URL-encoded forms when editing POST bodies. %3C is the URL-encoded form of (<) and %3E is the URI-encoded form of (>).