mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 08:46:58 +08:00
2af67c4aff
This prevents special characters from not being recognized. Reported by P.H.Vos. Also updated gnulib and added c-strncasecmp
105 lines
2.2 KiB
C
105 lines
2.2 KiB
C
/*
|
|
* Copyright (C) 2013 Nikos Mavrogiannopoulos
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
|
*/
|
|
|
|
#include <config.h>
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
#include <unistd.h>
|
|
#include <c-strcase.h>
|
|
|
|
#include "html.h"
|
|
|
|
char *unescape_html(const char *html, unsigned len, unsigned *out_len)
|
|
{
|
|
char *msg;
|
|
int pos;
|
|
unsigned i;
|
|
|
|
msg = malloc(len + 1);
|
|
if (msg == NULL)
|
|
return NULL;
|
|
|
|
for (i = pos = 0; i < len;) {
|
|
if (html[i] == '&') {
|
|
if (!c_strncasecmp(&html[i], "<", 4)) {
|
|
msg[pos++] = '<';
|
|
i += 4;
|
|
} else if (!c_strncasecmp(&html[i], ">", 4)) {
|
|
msg[pos++] = '>';
|
|
i += 4;
|
|
} else if (!c_strncasecmp(&html[i], " ", 6)) {
|
|
msg[pos++] = ' ';
|
|
i += 6;
|
|
} else if (!c_strncasecmp(&html[i], """, 6)) {
|
|
msg[pos++] = '"';
|
|
i += 6;
|
|
} else if (!c_strncasecmp(&html[i], "&", 5)) {
|
|
msg[pos++] = '&';
|
|
i += 5;
|
|
} else if (!c_strncasecmp(&html[i], "'", 6)) {
|
|
msg[pos++] = '\'';
|
|
i += 6;
|
|
} else
|
|
msg[pos++] = html[i++];
|
|
} else
|
|
msg[pos++] = html[i++];
|
|
}
|
|
|
|
msg[pos] = 0;
|
|
if (out_len)
|
|
*out_len = pos;
|
|
|
|
return msg;
|
|
}
|
|
|
|
char *unescape_url(const char *url, unsigned len, unsigned *out_len)
|
|
{
|
|
char *msg;
|
|
int pos;
|
|
unsigned i;
|
|
|
|
msg = malloc(len + 1);
|
|
if (msg == NULL)
|
|
return NULL;
|
|
|
|
for (i = pos = 0; i < len;) {
|
|
if (url[i] == '%') {
|
|
char b[3];
|
|
unsigned int u;
|
|
|
|
b[0] = url[pos + 1];
|
|
b[1] = url[pos + 2];
|
|
b[2] = 0;
|
|
|
|
sscanf(b, "%02x", &u);
|
|
|
|
msg[pos++] = u;
|
|
i += 3;
|
|
} else
|
|
msg[pos++] = url[i++];
|
|
}
|
|
|
|
msg[pos] = 0;
|
|
if (out_len)
|
|
*out_len = pos;
|
|
|
|
return msg;
|
|
}
|