summaryrefslogtreecommitdiffabout
authorLars Hjemli <hjemli@gmail.com>2008-10-05 10:49:46 (UTC)
committer Lars Hjemli <hjemli@gmail.com>2008-10-05 10:49:46 (UTC)
commita36a0d9dec8a3ba79501d2526d648e44306f0fdd (patch) (unidiff)
treeab9a6b2a0fc413887fb3fc1ddfd4fce54e26b599
parentf82b19407dd876e6c02a572615bf34b09f6fa831 (diff)
downloadcgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.zip
cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.gz
cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.bz2
html.c: add html_url_arg
This function can be used to properly escape querystring parameter values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--html.c16
-rw-r--r--html.h1
2 files changed, 17 insertions, 0 deletions
diff --git a/html.c b/html.c
index 36e9a2f..167127f 100644
--- a/html.c
+++ b/html.c
@@ -3,255 +3,271 @@
3 * Copyright (C) 2006 Lars Hjemli 3 * Copyright (C) 2006 Lars Hjemli
4 * 4 *
5 * Licensed under GNU General Public License v2 5 * Licensed under GNU General Public License v2
6 * (see COPYING for full license text) 6 * (see COPYING for full license text)
7 */ 7 */
8 8
9#include <unistd.h> 9#include <unistd.h>
10#include <stdio.h> 10#include <stdio.h>
11#include <stdlib.h> 11#include <stdlib.h>
12#include <stdarg.h> 12#include <stdarg.h>
13#include <string.h> 13#include <string.h>
14#include <errno.h> 14#include <errno.h>
15 15
16int htmlfd = STDOUT_FILENO; 16int htmlfd = STDOUT_FILENO;
17 17
18char *fmt(const char *format, ...) 18char *fmt(const char *format, ...)
19{ 19{
20 static char buf[8][1024]; 20 static char buf[8][1024];
21 static int bufidx; 21 static int bufidx;
22 int len; 22 int len;
23 va_list args; 23 va_list args;
24 24
25 bufidx++; 25 bufidx++;
26 bufidx &= 7; 26 bufidx &= 7;
27 27
28 va_start(args, format); 28 va_start(args, format);
29 len = vsnprintf(buf[bufidx], sizeof(buf[bufidx]), format, args); 29 len = vsnprintf(buf[bufidx], sizeof(buf[bufidx]), format, args);
30 va_end(args); 30 va_end(args);
31 if (len>sizeof(buf[bufidx])) { 31 if (len>sizeof(buf[bufidx])) {
32 fprintf(stderr, "[html.c] string truncated: %s\n", format); 32 fprintf(stderr, "[html.c] string truncated: %s\n", format);
33 exit(1); 33 exit(1);
34 } 34 }
35 return buf[bufidx]; 35 return buf[bufidx];
36} 36}
37 37
38void html_raw(const char *data, size_t size) 38void html_raw(const char *data, size_t size)
39{ 39{
40 write(htmlfd, data, size); 40 write(htmlfd, data, size);
41} 41}
42 42
43void html(const char *txt) 43void html(const char *txt)
44{ 44{
45 write(htmlfd, txt, strlen(txt)); 45 write(htmlfd, txt, strlen(txt));
46} 46}
47 47
48void htmlf(const char *format, ...) 48void htmlf(const char *format, ...)
49{ 49{
50 static char buf[65536]; 50 static char buf[65536];
51 va_list args; 51 va_list args;
52 52
53 va_start(args, format); 53 va_start(args, format);
54 vsnprintf(buf, sizeof(buf), format, args); 54 vsnprintf(buf, sizeof(buf), format, args);
55 va_end(args); 55 va_end(args);
56 html(buf); 56 html(buf);
57} 57}
58 58
59void html_status(int code, const char *msg, int more_headers) 59void html_status(int code, const char *msg, int more_headers)
60{ 60{
61 htmlf("Status: %d %s\n", code, msg); 61 htmlf("Status: %d %s\n", code, msg);
62 if (!more_headers) 62 if (!more_headers)
63 html("\n"); 63 html("\n");
64} 64}
65 65
66void html_txt(char *txt) 66void html_txt(char *txt)
67{ 67{
68 char *t = txt; 68 char *t = txt;
69 while(t && *t){ 69 while(t && *t){
70 int c = *t; 70 int c = *t;
71 if (c=='<' || c=='>' || c=='&') { 71 if (c=='<' || c=='>' || c=='&') {
72 write(htmlfd, txt, t - txt); 72 write(htmlfd, txt, t - txt);
73 if (c=='>') 73 if (c=='>')
74 html("&gt;"); 74 html("&gt;");
75 else if (c=='<') 75 else if (c=='<')
76 html("&lt;"); 76 html("&lt;");
77 else if (c=='&') 77 else if (c=='&')
78 html("&amp;"); 78 html("&amp;");
79 txt = t+1; 79 txt = t+1;
80 } 80 }
81 t++; 81 t++;
82 } 82 }
83 if (t!=txt) 83 if (t!=txt)
84 html(txt); 84 html(txt);
85} 85}
86 86
87void html_ntxt(int len, char *txt) 87void html_ntxt(int len, char *txt)
88{ 88{
89 char *t = txt; 89 char *t = txt;
90 while(t && *t && len--){ 90 while(t && *t && len--){
91 int c = *t; 91 int c = *t;
92 if (c=='<' || c=='>' || c=='&') { 92 if (c=='<' || c=='>' || c=='&') {
93 write(htmlfd, txt, t - txt); 93 write(htmlfd, txt, t - txt);
94 if (c=='>') 94 if (c=='>')
95 html("&gt;"); 95 html("&gt;");
96 else if (c=='<') 96 else if (c=='<')
97 html("&lt;"); 97 html("&lt;");
98 else if (c=='&') 98 else if (c=='&')
99 html("&amp;"); 99 html("&amp;");
100 txt = t+1; 100 txt = t+1;
101 } 101 }
102 t++; 102 t++;
103 } 103 }
104 if (t!=txt) 104 if (t!=txt)
105 write(htmlfd, txt, t - txt); 105 write(htmlfd, txt, t - txt);
106 if (len<0) 106 if (len<0)
107 html("..."); 107 html("...");
108} 108}
109 109
110void html_attr(char *txt) 110void html_attr(char *txt)
111{ 111{
112 char *t = txt; 112 char *t = txt;
113 while(t && *t){ 113 while(t && *t){
114 int c = *t; 114 int c = *t;
115 if (c=='<' || c=='>' || c=='\'') { 115 if (c=='<' || c=='>' || c=='\'') {
116 write(htmlfd, txt, t - txt); 116 write(htmlfd, txt, t - txt);
117 if (c=='>') 117 if (c=='>')
118 html("&gt;"); 118 html("&gt;");
119 else if (c=='<') 119 else if (c=='<')
120 html("&lt;"); 120 html("&lt;");
121 else if (c=='\'') 121 else if (c=='\'')
122 html("&quote;"); 122 html("&quote;");
123 txt = t+1; 123 txt = t+1;
124 } 124 }
125 t++; 125 t++;
126 } 126 }
127 if (t!=txt) 127 if (t!=txt)
128 html(txt); 128 html(txt);
129} 129}
130 130
131void html_url_arg(char *txt)
132{
133 char *t = txt;
134 while(t && *t){
135 int c = *t;
136 if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') {
137 write(htmlfd, txt, t - txt);
138 write(htmlfd, fmt("%%%2x", c), 3);
139 txt = t+1;
140 }
141 t++;
142 }
143 if (t!=txt)
144 html(txt);
145}
146
131void html_hidden(char *name, char *value) 147void html_hidden(char *name, char *value)
132{ 148{
133 html("<input type='hidden' name='"); 149 html("<input type='hidden' name='");
134 html_attr(name); 150 html_attr(name);
135 html("' value='"); 151 html("' value='");
136 html_attr(value); 152 html_attr(value);
137 html("'/>"); 153 html("'/>");
138} 154}
139 155
140void html_option(char *value, char *text, char *selected_value) 156void html_option(char *value, char *text, char *selected_value)
141{ 157{
142 html("<option value='"); 158 html("<option value='");
143 html_attr(value); 159 html_attr(value);
144 html("'"); 160 html("'");
145 if (selected_value && !strcmp(selected_value, value)) 161 if (selected_value && !strcmp(selected_value, value))
146 html(" selected='selected'"); 162 html(" selected='selected'");
147 html(">"); 163 html(">");
148 html_txt(text); 164 html_txt(text);
149 html("</option>\n"); 165 html("</option>\n");
150} 166}
151 167
152void html_link_open(char *url, char *title, char *class) 168void html_link_open(char *url, char *title, char *class)
153{ 169{
154 html("<a href='"); 170 html("<a href='");
155 html_attr(url); 171 html_attr(url);
156 if (title) { 172 if (title) {
157 html("' title='"); 173 html("' title='");
158 html_attr(title); 174 html_attr(title);
159 } 175 }
160 if (class) { 176 if (class) {
161 html("' class='"); 177 html("' class='");
162 html_attr(class); 178 html_attr(class);
163 } 179 }
164 html("'>"); 180 html("'>");
165} 181}
166 182
167void html_link_close(void) 183void html_link_close(void)
168{ 184{
169 html("</a>"); 185 html("</a>");
170} 186}
171 187
172void html_fileperm(unsigned short mode) 188void html_fileperm(unsigned short mode)
173{ 189{
174 htmlf("%c%c%c", (mode & 4 ? 'r' : '-'), 190 htmlf("%c%c%c", (mode & 4 ? 'r' : '-'),
175 (mode & 2 ? 'w' : '-'), (mode & 1 ? 'x' : '-')); 191 (mode & 2 ? 'w' : '-'), (mode & 1 ? 'x' : '-'));
176} 192}
177 193
178int html_include(const char *filename) 194int html_include(const char *filename)
179{ 195{
180 FILE *f; 196 FILE *f;
181 char buf[4096]; 197 char buf[4096];
182 size_t len; 198 size_t len;
183 199
184 if (!(f = fopen(filename, "r"))) { 200 if (!(f = fopen(filename, "r"))) {
185 fprintf(stderr, "[cgit] Failed to include file %s: %s (%d).\n", 201 fprintf(stderr, "[cgit] Failed to include file %s: %s (%d).\n",
186 filename, strerror(errno), errno); 202 filename, strerror(errno), errno);
187 return -1; 203 return -1;
188 } 204 }
189 while((len = fread(buf, 1, 4096, f)) > 0) 205 while((len = fread(buf, 1, 4096, f)) > 0)
190 write(htmlfd, buf, len); 206 write(htmlfd, buf, len);
191 fclose(f); 207 fclose(f);
192 return 0; 208 return 0;
193} 209}
194 210
195int hextoint(char c) 211int hextoint(char c)
196{ 212{
197 if (c >= 'a' && c <= 'f') 213 if (c >= 'a' && c <= 'f')
198 return 10 + c - 'a'; 214 return 10 + c - 'a';
199 else if (c >= 'A' && c <= 'F') 215 else if (c >= 'A' && c <= 'F')
200 return 10 + c - 'A'; 216 return 10 + c - 'A';
201 else if (c >= '0' && c <= '9') 217 else if (c >= '0' && c <= '9')
202 return c - '0'; 218 return c - '0';
203 else 219 else
204 return -1; 220 return -1;
205} 221}
206 222
207char *convert_query_hexchar(char *txt) 223char *convert_query_hexchar(char *txt)
208{ 224{
209 int d1, d2; 225 int d1, d2;
210 if (strlen(txt) < 3) { 226 if (strlen(txt) < 3) {
211 *txt = '\0'; 227 *txt = '\0';
212 return txt-1; 228 return txt-1;
213 } 229 }
214 d1 = hextoint(*(txt+1)); 230 d1 = hextoint(*(txt+1));
215 d2 = hextoint(*(txt+2)); 231 d2 = hextoint(*(txt+2));
216 if (d1<0 || d2<0) { 232 if (d1<0 || d2<0) {
217 strcpy(txt, txt+3); 233 strcpy(txt, txt+3);
218 return txt-1; 234 return txt-1;
219 } else { 235 } else {
220 *txt = d1 * 16 + d2; 236 *txt = d1 * 16 + d2;
221 strcpy(txt+1, txt+3); 237 strcpy(txt+1, txt+3);
222 return txt; 238 return txt;
223 } 239 }
224} 240}
225 241
226int http_parse_querystring(char *txt, void (*fn)(const char *name, const char *value)) 242int http_parse_querystring(char *txt, void (*fn)(const char *name, const char *value))
227{ 243{
228 char *t, *value = NULL, c; 244 char *t, *value = NULL, c;
229 245
230 if (!txt) 246 if (!txt)
231 return 0; 247 return 0;
232 248
233 t = txt = strdup(txt); 249 t = txt = strdup(txt);
234 if (t == NULL) { 250 if (t == NULL) {
235 printf("Out of memory\n"); 251 printf("Out of memory\n");
236 exit(1); 252 exit(1);
237 } 253 }
238 while((c=*t) != '\0') { 254 while((c=*t) != '\0') {
239 if (c=='=') { 255 if (c=='=') {
240 *t = '\0'; 256 *t = '\0';
241 value = t+1; 257 value = t+1;
242 } else if (c=='+') { 258 } else if (c=='+') {
243 *t = ' '; 259 *t = ' ';
244 } else if (c=='%') { 260 } else if (c=='%') {
245 t = convert_query_hexchar(t); 261 t = convert_query_hexchar(t);
246 } else if (c=='&') { 262 } else if (c=='&') {
247 *t = '\0'; 263 *t = '\0';
248 (*fn)(txt, value); 264 (*fn)(txt, value);
249 txt = t+1; 265 txt = t+1;
250 value = NULL; 266 value = NULL;
251 } 267 }
252 t++; 268 t++;
253 } 269 }
254 if (t!=txt) 270 if (t!=txt)
255 (*fn)(txt, value); 271 (*fn)(txt, value);
256 return 0; 272 return 0;
257} 273}
diff --git a/html.h b/html.h
index 3c32935..038cf60 100644
--- a/html.h
+++ b/html.h
@@ -1,22 +1,23 @@
1#ifndef HTML_H 1#ifndef HTML_H
2#define HTML_H 2#define HTML_H
3 3
4extern int htmlfd; 4extern int htmlfd;
5 5
6extern void html_raw(const char *txt, size_t size); 6extern void html_raw(const char *txt, size_t size);
7extern void html(const char *txt); 7extern void html(const char *txt);
8extern void htmlf(const char *format,...); 8extern void htmlf(const char *format,...);
9extern void html_status(int code, const char *msg, int more_headers); 9extern void html_status(int code, const char *msg, int more_headers);
10extern void html_txt(char *txt); 10extern void html_txt(char *txt);
11extern void html_ntxt(int len, char *txt); 11extern void html_ntxt(int len, char *txt);
12extern void html_attr(char *txt); 12extern void html_attr(char *txt);
13extern void html_url_arg(char *txt);
13extern void html_hidden(char *name, char *value); 14extern void html_hidden(char *name, char *value);
14extern void html_option(char *value, char *text, char *selected_value); 15extern void html_option(char *value, char *text, char *selected_value);
15extern void html_link_open(char *url, char *title, char *class); 16extern void html_link_open(char *url, char *title, char *class);
16extern void html_link_close(void); 17extern void html_link_close(void);
17extern void html_fileperm(unsigned short mode); 18extern void html_fileperm(unsigned short mode);
18extern int html_include(const char *filename); 19extern int html_include(const char *filename);
19 20
20extern int http_parse_querystring(char *txt, void (*fn)(const char *name, const char *value)); 21extern int http_parse_querystring(char *txt, void (*fn)(const char *name, const char *value));
21 22
22#endif /* HTML_H */ 23#endif /* HTML_H */