all repos — cgit @ a36a0d9dec8a3ba79501d2526d648e44306f0fdd

a hyperfast web frontend for git written in c 

html.c: add html_url_arg

This function can be used to properly escape querystring parameter values.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Lars Hjemli hjemli@gmail.com
Sun, 05 Oct 2008 12:49:46 +0200
commit

a36a0d9dec8a3ba79501d2526d648e44306f0fdd

parent

f82b19407dd876e6c02a572615bf34b09f6fa831

2 files changed, 17 insertions(+), 0 deletions(-)

jump to
M html.chtml.c 
@@ -128,6 +128,22 @@ if (t!=txt)
 		html(txt);
 }
 
+void html_url_arg(char *txt)
+{
+	char *t = txt;
+	while(t && *t){
+		int c = *t;
+		if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') {
+			write(htmlfd, txt, t - txt);
+			write(htmlfd, fmt("%%%2x", c), 3);
+			txt = t+1;
+		}
+		t++;
+	}
+	if (t!=txt)
+		html(txt);
+}
+
 void html_hidden(char *name, char *value)
 {
 	html("<input type='hidden' name='");
M html.hhtml.h 
@@ -10,6 +10,7 @@ extern void html_status(int code, const char *msg, int more_headers);
 extern void html_txt(char *txt);
 extern void html_ntxt(int len, char *txt);
 extern void html_attr(char *txt);
+extern void html_url_arg(char *txt);
 extern void html_hidden(char *name, char *value);
 extern void html_option(char *value, char *text, char *selected_value);
 extern void html_link_open(char *url, char *title, char *class);