summaryrefslogtreecommitdiffabout
path: root/html.c
authorLars Hjemli <hjemli@gmail.com>2008-10-05 10:49:46 (UTC)
committer Lars Hjemli <hjemli@gmail.com>2008-10-05 10:49:46 (UTC)
commita36a0d9dec8a3ba79501d2526d648e44306f0fdd (patch) (unidiff)
treeab9a6b2a0fc413887fb3fc1ddfd4fce54e26b599 /html.c
parentf82b19407dd876e6c02a572615bf34b09f6fa831 (diff)
downloadcgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.zip
cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.gz
cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.bz2
html.c: add html_url_arg
This function can be used to properly escape querystring parameter values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (limited to 'html.c') (more/less context) (ignore whitespace changes)
-rw-r--r--html.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/html.c b/html.c
index 36e9a2f..167127f 100644
--- a/html.c
+++ b/html.c
@@ -123,16 +123,32 @@ void html_attr(char *txt)
123 txt = t+1; 123 txt = t+1;
124 } 124 }
125 t++; 125 t++;
126 } 126 }
127 if (t!=txt) 127 if (t!=txt)
128 html(txt); 128 html(txt);
129} 129}
130 130
131void html_url_arg(char *txt)
132{
133 char *t = txt;
134 while(t && *t){
135 int c = *t;
136 if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') {
137 write(htmlfd, txt, t - txt);
138 write(htmlfd, fmt("%%%2x", c), 3);
139 txt = t+1;
140 }
141 t++;
142 }
143 if (t!=txt)
144 html(txt);
145}
146
131void html_hidden(char *name, char *value) 147void html_hidden(char *name, char *value)
132{ 148{
133 html("<input type='hidden' name='"); 149 html("<input type='hidden' name='");
134 html_attr(name); 150 html_attr(name);
135 html("' value='"); 151 html("' value='");
136 html_attr(value); 152 html_attr(value);
137 html("'/>"); 153 html("'/>");
138} 154}