added util::attr_escape

escaping string for inclusion into x(ht)ml attributes Signed-off-by: Michael Krelin <hacker@klever.net>
author: Michael Krelin <hacker@klever.net> 2008-02-02 10:50:48 (UTC)
committer: Michael Krelin <hacker@klever.net> 2008-02-02 10:50:48 (UTC)
commit: b7ce9a84f0775eb24f0a27d3816bf57b774a2927 (patch) (unidiff)
tree: 77d3bf4830e9d45824bc466c7e1b5279f3ff1111
parent: f29ad6501686e5f43b536258b86d12683c711f02 (diff)
download: libopkele-b7ce9a84f0775eb24f0a27d3816bf57b774a2927.zip
libopkele-b7ce9a84f0775eb24f0a27d3816bf57b774a2927.tar.gz
libopkele-b7ce9a84f0775eb24f0a27d3816bf57b774a2927.tar.bz2
2 files changed, 26 insertions, 0 deletions
diff --git a/include/opkele/util.h b/include/opkele/util.h
index 6f3ddf6..719f951 100644
--- a/include/opkele/util.h
+++ b/include/opkele/util.h
@@ -79,48 +79,55 @@ namespace opkele {
        /**
         * Convert internal time representation to w3c format
         * @param t internal representation
         * @return w3c time
         * @throw failed_conversion in case of error
         */
        string time_to_w3c(time_t t);
        /**
         * Convert W3C time representation to  internal time_t
         * @param w w3c representation
         * @return converted time
         * @throw failed_conversion in case of error
         */
        time_t w3c_to_time(const string& w);
        /**
         * Encode string to the representation suitable for using in URL.
         * @param str string to encode
         * @return encoded string
         * @throw failed_conversion in case of failure
         */
        string url_encode(const string& str);
        /**
+         * Make string suitable for using as x(ht)ml attribute.
+         * @param str string to escape
+         * @return escaped string
+         */
+        string attr_escape(const string& str);
+        /**
         * Convert number to string
         * @param l number
         * @return string representation
         * @throw failed_conversion in case of failure
         */
        string long_to_string(long l);
        /**
         * Convert string to number
         * @param s string, containing the number
         * @return the number
         * @throw failed_conversion in case of failure
         */
        long string_to_long(const string& s);
        /**
         * Encode binary data using base64.
         * @param data pointer to binary data
         * @param length length of data
         * @return encoded data
         */
        string encode_base64(const void *data,size_t length);
        /**
         * Decode binary data from base64 representation.
         * @param data base64-encoded data
diff --git a/lib/util.cc b/lib/util.cc
index 54d6535..b7bc437 100644
--- a/lib/util.cc
+++ b/lib/util.cc
@@ -140,48 +140,67 @@ namespace opkele {
                        ) != 7
                    ) )
                throw failed_conversion(OPKELE_CP_ "failed to sscanf()");
            tm_t.tm_mon--;
            tm_t.tm_year-=1900;
            time_t rv = mktime(&tm_t);
            if(rv==(time_t)-1)
                throw failed_conversion(OPKELE_CP_ "failed to mktime()");
            return rv-timezone;
        }
        /*
         *
         */
        string url_encode(const string& str) {
            char * t = curl_escape(str.c_str(),str.length());
            if(!t)
                throw failed_conversion(OPKELE_CP_ "failed to curl_escape()");
            string rv(t);
            curl_free(t);
            return rv;
        }
+        string attr_escape(const string& str) {
+            static const char *unsafechars = "<>&\n\"'";
+            string rv;
+            string::size_type p=0;
+            while(true) {
+                string::size_type us = str.find_first_of(unsafechars,p);
+                if(us==string::npos) {
+                    if(p!=str.length())
+                        rv.append(str,p,str.length()-p);
+                    return rv;
+                }
+                rv.append(str,p,us-p);
+                rv += "&#";
+                rv += long_to_string((long)str[us]);
+                rv += ';';
+                p = us+1;
+            }
+        }
        string long_to_string(long l) {
            char rv[32];
            int r=snprintf(rv,sizeof(rv),"%ld",l);
            if(r<0 || r>=(int)sizeof(rv))
                throw failed_conversion(OPKELE_CP_ "failed to snprintf()");
            return rv;
        }
        long string_to_long(const string& s) {
            char *endptr = 0;
            long rv = strtol(s.c_str(),&endptr,10);
            if((!endptr) || endptr==s.c_str())
                throw failed_conversion(OPKELE_CP_ "failed to strtol()");
            return rv;
        }
        /*
         * Normalize URL according to the rules, described in rfc 3986, section 6
         *
         * - uppercase hex triplets (e.g. %ab -> %AB)
         * - lowercase scheme and host
         * - decode %-encoded characters, specified as unreserved in rfc 3986, section 2.3,
         *   that is - [:alpha:][:digit:]._~-
         * - remove dot segments
author	Michael Krelin <hacker@klever.net>	2008-02-02 10:50:48 (UTC)
committer	Michael Krelin <hacker@klever.net>	2008-02-02 10:50:48 (UTC)
commit	b7ce9a84f0775eb24f0a27d3816bf57b774a2927 (patch) (unidiff)
tree	77d3bf4830e9d45824bc466c7e1b5279f3ff1111
parent	f29ad6501686e5f43b536258b86d12683c711f02 (diff)
download	libopkele-b7ce9a84f0775eb24f0a27d3816bf57b774a2927.zip libopkele-b7ce9a84f0775eb24f0a27d3816bf57b774a2927.tar.gz libopkele-b7ce9a84f0775eb24f0a27d3816bf57b774a2927.tar.bz2