author | Mark Lodato <lodatom@gmail.com> | 2010-02-09 15:12:43 (UTC) |
---|---|---|
committer | Mark Lodato <lodatom@gmail.com> | 2010-02-09 15:12:43 (UTC) |
commit | a2c6355f9fdede78ce46aeee39ef649637aaadf9 (patch) (side-by-side diff) | |
tree | 4ed595f688691e7a35c5684ca59164bcc777b74c /cgitrc.5.txt | |
parent | 8aab27f24de70acfbdcee31c634a4b1facf23b92 (diff) | |
download | cgit-a2c6355f9fdede78ce46aeee39ef649637aaadf9.zip cgit-a2c6355f9fdede78ce46aeee39ef649637aaadf9.tar.gz cgit-a2c6355f9fdede78ce46aeee39ef649637aaadf9.tar.bz2 |
html: properly percent-escape URLs
The only valid characters for a URL are unreserved characters
a-zA-Z0-9_-.~ and the reserved characters !*'();:@&=+$,/?%#[] , as per
RFC 3986. Everything else must be escaped. Additionally, the # and
? always have special meaning, and the &, =, and + have special meaning
in a query string, so they too must be escaped. To make this easier,
a table of escapes is now used so that we do not have to call fmt() for
each character; if the entry is 0, no escaping is needed.
Signed-off-by: Mark Lodato <lodatom@gmail.com>
0 files changed, 0 insertions, 0 deletions