squid-
cache.org
Optimising Web Delivery
Docs
Download
Donate
Support
About
Contact
Shop
Blog
lib
html_quote.c
Go to the documentation of this file.
1
/*
2
* Copyright (C) 1996-2020 The Squid Software Foundation and contributors
3
*
4
* Squid software is distributed under GPLv2+ license and includes
5
* contributions from numerous individuals and organizations.
6
* Please see the COPYING and CONTRIBUTORS files for details.
7
*/
8
9
#include "
squid.h
"
10
#include "
html_quote.h
"
11
12
#if HAVE_STRING_H
13
#include <string.h>
14
#endif
15
16
/*
17
* HTML defines these characters as special entities that should be quoted.
18
*/
19
static
struct
{
20
unsigned
char
code
;
21
const
char
*
quote
;
22
}
htmlstandardentities
[] =
23
24
{
25
/* NOTE: The quoted form MUST not be larger than 6 character.
26
* see close to the MemPool commend below
27
*/
28
{
29
'<'
,
"<"
30
},
31
{
32
'>'
,
">"
33
},
34
{
35
'"'
,
"""
36
},
37
{
38
'&'
,
"&"
39
},
40
{
41
'\''
,
"'"
42
},
43
{
44
0,
NULL
45
}
46
};
47
48
/*
49
* html_do_quote - Returns a static buffer containing the quoted
50
* string.
51
*/
52
char
*
53
html_quote
(
const
char
*
string
)
54
{
55
static
char
*
buf
;
56
static
size_t
bufsize = 0;
57
const
char
*src;
58
char
*dst;
59
int
i;
60
61
/* XXX This really should be implemented using a MemPool, but
62
* MemPools are not yet available in lib...
63
*/
64
if
(
buf
==
NULL
|| strlen(
string
) * 6 > bufsize) {
65
xfree
(
buf
);
66
bufsize = strlen(
string
) * 6 + 1;
67
buf
=
xcalloc
(bufsize, 1);
68
}
69
for
(src =
string
, dst =
buf
; *src; src++) {
70
const
char
*escape =
NULL
;
71
const
unsigned
char
ch = *src;
72
73
/* Walk thru the list of HTML Entities that must be quoted to
74
* display safely
75
*/
76
for
(i = 0;
htmlstandardentities
[i].code; i++) {
77
if
(ch ==
htmlstandardentities
[i].
code
) {
78
escape =
htmlstandardentities
[i].quote;
79
break
;
80
}
81
}
82
/* Encode control chars just to be on the safe side, and make
83
* sure all 8-bit characters are encoded to protect from buggy
84
* clients
85
*/
86
if
(!escape && (ch <= 0x1F || ch >= 0x7f) && ch !=
'\n'
&& ch !=
'\r'
&& ch !=
'\t'
) {
87
static
char
dec_encoded[7];
88
snprintf(dec_encoded,
sizeof
dec_encoded,
"&#%3d;"
, (
int
) ch);
89
escape = dec_encoded;
90
}
91
if
(escape) {
92
/* Ok, An escaped form was found above. Use it */
93
strncpy(dst, escape, 7);
94
dst += strlen(escape);
95
}
else
{
96
/* Apparently there is no need to escape this character */
97
*dst++ = ch;
98
}
99
}
100
/* Nullterminate and return the result */
101
*dst =
'\0'
;
102
return
(
buf
);
103
}
104
quote
const char * quote
Definition:
html_quote.c:21
xcalloc
void * xcalloc(size_t n, size_t sz)
Definition:
xalloc.cc:72
html_quote
char * html_quote(const char *string)
Definition:
html_quote.c:53
NULL
#define NULL
Definition:
types.h:166
code
unsigned char code
Definition:
html_quote.c:20
xfree
#define xfree
Definition:
negotiate_wrapper.cc:54
html_quote.h
squid.h
buf
void const char * buf
Definition:
stub_helper.cc:16
htmlstandardentities
static struct @21 htmlstandardentities[]
Introduction
About Squid
Why Squid?
Squid Developers
How to Donate
How to Help Out
Getting Squid
Squid Source Packages
Squid Deployment Case-Studies
Squid Software Foundation
Documentation
Configuration:
Reference
Examples
FAQ
and
Wiki
Guide Books:
Beginners
Definitive
Non-English
More...
Support
Security Advisories
Bugzilla Database
Mailing lists
Contacting us
Commercial services
Project Sponsors
Squid-based products
Miscellaneous
Developer Resources
Related Writings
Related Software:
Authenticators
Ecap
Icap
Ident
Log Analysis
Monitor
Proxies
Redirectors
General
Squid Artwork
Web Site Translations
Japanese
Mirrors
Website:
gr
il
jp
pl
...
full list
FTP Package Archive