cgit/html.c, branch v0.9A hyperfast web frontend for git repositories written in C.http://git.cetero.st/cgit/atom/html.c?h=v0.92011-03-05T13:01:59ZMerge branch 'stable'2011-03-05T13:01:59ZLars Hjemlihjemli@gmail.com2011-03-05T13:01:59Zurn:sha1:1b09cbd303d889ec2636127584d57b7f1b70c25edo not infloop on a query ending in %XY, for invalid hex X or Y2011-03-05T12:38:34ZJim Meyeringmeyering@redhat.com2011-02-28T11:18:57Zurn:sha1:fc384b16fb9787380746000d3cea2d53fccc548e
When a query ends in say %gg, (or any invalid hex) e.g.,
http://git.gnome.org/browse/gdlmm/commit/?id=%gg
convert_query_hexchar calls memmove(txt, txt+3, 0), and then returns
txt-1, so the loop in http_parse_querystring never terminates. The
solution is to make the memmove also copy the trailing NUL.
* html.c (convert_query_hexchar): Fix off-by-one error.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
html.c: use '+' to escape spaces in urls2010-11-09T23:22:41ZLars Hjemlihjemli@gmail.com2010-11-09T17:15:21Zurn:sha1:c2680325f68192368d32f26458fea9cfb50df6e5
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
prefer html_raw() to write()2010-09-04T18:30:10ZMark Lodatolodatom@gmail.com2010-09-04T18:18:16Zurn:sha1:d187b98557d91b874836f286b955ba76ab26fb02
To make the code more consistent, and to not rely on the implementation
of html(), always use html_raw(...) instead of write(htmlfd, ...).
Signed-off-by: Mark Lodato <lodatom@gmail.com>
Merge branch 'stable'2010-08-29T15:40:51ZLars Hjemlihjemli@gmail.com2010-08-29T15:40:51Zurn:sha1:6940b23b9e4698ba466a4616e4de77b986560ad3html: fix strcpy bug in convert_query_hexchar2010-08-29T15:27:40ZMark Lodatolodatom@gmail.com2010-08-28T01:02:27Zurn:sha1:48434780ca62fde84337ea1e797f642de5ca50d5
The source and destination strings in strcpy() may not overlap.
Instead, use memmove(), which allows overlap. This fixes test t0104,
where 'url=foo%2bbar/tree' was being parsed improperly.
Signed-off-by: Mark Lodato <lodatom@gmail.com>
html: properly percent-escape URLs2010-02-09T15:12:43ZMark Lodatolodatom@gmail.com2010-02-09T15:12:43Zurn:sha1:a2c6355f9fdede78ce46aeee39ef649637aaadf9
The only valid characters for a URL are unreserved characters
a-zA-Z0-9_-.~ and the reserved characters !*'();:@&=+$,/?%#[] , as per
RFC 3986. Everything else must be escaped. Additionally, the # and
? always have special meaning, and the &, =, and + have special meaning
in a query string, so they too must be escaped. To make this easier,
a table of escapes is now used so that we do not have to call fmt() for
each character; if the entry is 0, no escaping is needed.
Signed-off-by: Mark Lodato <lodatom@gmail.com>
html: make all strings 'const char *'2010-02-09T04:04:41ZMark Lodatolodatom@gmail.com2010-02-09T04:04:41Zurn:sha1:8aab27f24de70acfbdcee31c634a4b1facf23b92
None of the html_* functions modify their argument, so they can all be
'const char *' instead of a simple 'char *'. This removes the need to
cast (or copy) when trying to print a const string.
Signed-off-by: Mark Lodato <lodatom@gmail.com>
html.c: use correct escaping in html attributes2009-01-29T21:21:15ZLars Hjemlihjemli@gmail.com2009-01-29T21:21:15Zurn:sha1:7efcef00b5aadf22f5be80ecd7b736398cf7f6b4
First, an apostrophe is not a quote. Second, we also need to escape
quotes. And finally, quotes are encoded as '"', not '"e;'.
Sighned-off-by: Lars Hjemli <hjemli@gmail.com>
html.c: add html_url_path2008-10-05T14:52:57ZLars Hjemlihjemli@gmail.com2008-10-05T14:52:57Zurn:sha1:22a597e56dc7fdea78ccbcb7466b45dd62cf7b32
This function can be used to generate properly escaped path-components
for links.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>