author | Lars Hjemli <hjemli@gmail.com> | 2008-10-05 10:49:46 (UTC) |
---|---|---|
committer | Lars Hjemli <hjemli@gmail.com> | 2008-10-05 10:49:46 (UTC) |
commit | a36a0d9dec8a3ba79501d2526d648e44306f0fdd (patch) (side-by-side diff) | |
tree | ab9a6b2a0fc413887fb3fc1ddfd4fce54e26b599 | |
parent | f82b19407dd876e6c02a572615bf34b09f6fa831 (diff) | |
download | cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.zip cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.gz cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.bz2 |
html.c: add html_url_arg
This function can be used to properly escape querystring parameter values.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
-rw-r--r-- | html.c | 16 | ||||
-rw-r--r-- | html.h | 1 |
2 files changed, 17 insertions, 0 deletions
@@ -129,4 +129,20 @@ void html_attr(char *txt) } +void html_url_arg(char *txt) +{ + char *t = txt; + while(t && *t){ + int c = *t; + if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') { + write(htmlfd, txt, t - txt); + write(htmlfd, fmt("%%%2x", c), 3); + txt = t+1; + } + t++; + } + if (t!=txt) + html(txt); +} + void html_hidden(char *name, char *value) { @@ -11,4 +11,5 @@ extern void html_txt(char *txt); extern void html_ntxt(int len, char *txt); extern void html_attr(char *txt); +extern void html_url_arg(char *txt); extern void html_hidden(char *name, char *value); extern void html_option(char *value, char *text, char *selected_value); |