b8023f3df3e17b6f60875f88935e60c232d64d16
galt
  Fri Sep 16 22:40:13 2016 -0700
refs #177282. fixes textarea xss vulnerability in cheapcgi.c visible in hgVai. Added functions to allow outputs of large but indeterminate size such as dyString and file streams like fprintf.

diff --git src/inc/cheapcgi.h src/inc/cheapcgi.h
index f4130aa..b5a459f 100644
--- src/inc/cheapcgi.h
+++ src/inc/cheapcgi.h
@@ -1,27 +1,25 @@
 /* cheapcgi.h - turns variables passed from the web form into
  * something that C understands. 
  * 
  * This file is copyright 2000 Jim Kent, but license is hereby
  * granted for all use - public, private or commercial. */
 
 #ifndef CHEAPCGI_H
 #define CHEAPCGI_H
 
-#ifndef DYSTRING_H
 #include "dystring.h"
-#endif
 
 #ifndef HASH_H
 #include "hash.h"
 #endif
 
 #define COLOR_BG_DEFAULT         "#FFFEE8"
 #define COLOR_BG_ALTDEFAULT      "#FFF9D2"
 #define COLOR_BG_DEFAULT_DARKER  "#FCECC0"
 #define COLOR_BG_DEFAULT_DARKEST "#EED5B7"
 #define COLOR_BG_GHOST           "#EEEEEE"
 #define COLOR_BG_PALE            "#F8F8F8"
 #define COLOR_BG_HEADER_LTBLUE   "#D9E4F8"
 #define COLOR_DARKGREEN          "#008800"
 #define COLOR_LTGREEN            "#CCFFCC"
 #define COLOR_DARKBLUE           "#000088"