/* * * DEBUG: * AUTHOR: Harvest Derived * * SQUID Internet Object Cache http://squid.nlanr.net/Squid/ * ---------------------------------------------------------- * * Squid is the result of efforts by numerous individuals from the * Internet community. Development is led by Duane Wessels of the * National Laboratory for Applied Network Research and funded by the * National Science Foundation. Squid is Copyrighted (C) 1998 by * the Regents of the University of California. Please see the * COPYRIGHT file for full details. Squid incorporates software * developed and/or copyrighted by other sources. Please see the * CREDITS file for full details. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. * */ #include "config.h" #if HAVE_STDIO_H #include #endif #if HAVE_STRING_H #include #endif #include "util.h" #include "snprintf.h" /* * HTML defines these characters as special entities that should be quoted. */ static char htmlstandardentities[] = { (char) 0x3C, /* < */ (char) 0x3E, /* > */ (char) 0x22, /* " */ (char) 0x26 /* & */ }; /* * html_do_quote - Returns a static buffer containing the quoted * string. */ static char * html_do_quote(const char *string) { static char *buf; static size_t bufsize = 0; const char *p; char *q; int i, do_escape; if (buf == NULL || strlen(string) * 6 > bufsize) { xfree(buf); bufsize = strlen(string) * 6 + 1; buf = xcalloc(bufsize, 1); } for (p = string, q = buf; *p != '\0'; p++, q++) { do_escape = 0; /* These are HTML Entities that must be quoted to display safelu */ for (i = 0; i < sizeof(htmlstandardentities); i++) { if (*p == htmlstandardentities[i]) { do_escape = 1; break; } } /* HTML doesn't require control chars to be quoted... but it seems sensible */ if ((unsigned char) *p <= (unsigned char) 0x1F) { do_escape = 1; } /* ASCII 127 and above needs to be quoted to protect buggy clients */ if ((unsigned char) *p >= (unsigned char) 0x7F) { do_escape = 1; } /* Do the decimal encoding, or just copy the char */ /* note: we do not need snprintf here as q is appropriately * allocated - KA */ if (do_escape == 1) { (void) sprintf(q, "&#%03d;", (unsigned char) *p); q += sizeof(char) * 5; } else { *q = *p; } } *q = '\0'; return (buf); } /* * htmlquote - Returns a static buffer that contains the html 4 * compliant, quoted version of the given string; */ char * html_quote(const char *string) { return html_do_quote(string); }