X-Git-Url: http://www.dolda2000.com/gitweb/?a=blobdiff_plain;f=lib%2Fresp.c;h=1b08b00c55cf1a8eb94382d25c9514e84162cb69;hb=3a42b6b1d0b8f9e8ce5c77e838e2573bbfabe593;hp=c1b74b9920802c27744933e28e8e4a1c53580e84;hpb=46e6630278db9fb3b7aa7150d28fcd90993a5cc9;p=ashd.git

diff --git a/lib/resp.c b/lib/resp.c
index c1b74b9..1b08b00 100644
--- a/lib/resp.c
+++ b/lib/resp.c
@@ -17,6 +17,7 @@
 */
 
 #include <stdlib.h>
+#include <unistd.h>
 #include <string.h>
 #include <stdio.h>
 #include <stdarg.h>
@@ -29,10 +30,45 @@
 #include <utils.h>
 #include <resp.h>
 
+static char safechars[128] = {
+ /* x0 x1 x2 x3 x4 x5 x6 x7 x8 x9 xa xb xc xd xe xf */
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+    0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 1, 1,
+    1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0,
+    0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+    1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1,
+    0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+    1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0,
+};
+
+char *urlquote(char *text)
+{
+    static char *ret = NULL;
+    struct charbuf buf;
+    unsigned char c;
+    
+    if(ret != NULL)
+	free(ret);
+    bufinit(buf);
+    for(; *text; text++) {
+	c = *text;
+	if(!c < 128 && safechars[(int)c])
+	    bufadd(buf, *text);
+	else
+	    bprintf(&buf, "%%%02X", (int)c);
+    }
+    bufadd(buf, 0);
+    return(ret = buf.b);
+}
+
 char *htmlquote(char *text)
 {
+    static char *ret = NULL;
     struct charbuf buf;
     
+    if(ret != NULL)
+	free(ret);
     bufinit(buf);
     for(; *text; text++) {
 	if(*text == '<')
@@ -41,25 +77,25 @@ char *htmlquote(char *text)
 	    bufcatstr(buf, "&gt;");
 	else if(*text == '&')
 	    bufcatstr(buf, "&amp;");
+	else if(*text == '\"')
+	    bufcatstr(buf, "&quot;");
 	else
 	    bufadd(buf, *text);
     }
     bufadd(buf, 0);
-    return(buf.b);
+    return(ret = buf.b);
 }
 
 void simpleerror(int fd, int code, char *msg, char *fmt, ...)
 {
     struct charbuf buf;
-    char *tmp1, *tmp2;
+    char *tmp;
     va_list args;
     FILE *out;
     
     va_start(args, fmt);
-    tmp1 = vsprintf2(fmt, args);
+    tmp = vsprintf2(fmt, args);
     va_end(args);
-    tmp2 = htmlquote(tmp1);
-    free(tmp1);
     bufinit(buf);
     bufcatstr(buf, "<?xml version=\"1.0\" encoding=\"US-ASCII\"?>\r\n");
     bufcatstr(buf, "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\r\n");
@@ -69,11 +105,10 @@ void simpleerror(int fd, int code, char *msg, char *fmt, ...)
     bufcatstr(buf, "</head>\r\n");
     bufcatstr(buf, "<body>\r\n");
     bprintf(&buf, "<h1>%s</h1>\r\n", msg);
-    bprintf(&buf, "<p>%s</p>\r\n", tmp2);
+    bprintf(&buf, "<p>%s</p>\r\n", htmlquote(tmp));
     bufcatstr(buf, "</body>\r\n");
     bufcatstr(buf, "</html>\r\n");
-    free(tmp2);
-    out = fdopen(fd, "w");
+    out = fdopen(dup(fd), "w");
     fprintf(out, "HTTP/1.1 %i %s\n", code, msg);
     fprintf(out, "Content-Type: text/html\n");
     fprintf(out, "Content-Length: %zi\n", buf.d);
@@ -101,7 +136,7 @@ void stdredir(struct hthead *req, int fd, int code, char *dst)
 	    adst = sstrdup(dst);
 	} else {
 	    if(*dst == '/') {
-		path = sstrdup(dst);
+		path = sstrdup(dst + 1);
 	    } else {
 		if((*(url = req->url)) == '/')
 		    url++;
@@ -115,7 +150,7 @@ void stdredir(struct hthead *req, int fd, int code, char *dst)
 	    free(path);
 	}
     }
-    out = fdopen(fd, "w");
+    out = fdopen(dup(fd), "w");
     fprintf(out, "HTTP/1.1 %i Redirection\n", code);
     fprintf(out, "Content-Length: 0\n");
     fprintf(out, "Location: %s\n", adst);