Annotation of libwww/Library/src/HTParse.c, revision 2.24
1.1 timbl 1: /* Parse HyperText Document Address HTParse.c
2: ** ================================
3: */
4:
5: #include "HTUtils.h"
6: #include "HTParse.h"
7: #include "tcp.h"
8:
2.6 timbl 9: #define HEX_ESCAPE '%'
10:
1.1 timbl 11: struct struct_parts {
2.20 timbl 12: char * access; /* Now known as "scheme" */
1.1 timbl 13: char * host;
14: char * absolute;
15: char * relative;
16: /* char * search; no - treated as part of path */
17: char * anchor;
18: };
19:
20:
21: /* Strip white space off a string
22: ** ------------------------------
23: **
24: ** On exit,
25: ** Return value points to first non-white character, or to 0 if none.
26: ** All trailing white space is OVERWRITTEN with zero.
27: */
28:
2.13 luotonen 29: PUBLIC char * HTStrip ARGS1(char *, s)
1.1 timbl 30: {
31: #define SPACE(c) ((c==' ')||(c=='\t')||(c=='\n'))
32: char * p=s;
2.13 luotonen 33: if (!s) return NULL; /* Doesn't dump core if NULL */
34: for(p=s;*p;p++); /* Find end of string */
1.1 timbl 35: for(p--;p>=s;p--) {
36: if(SPACE(*p)) *p=0; /* Zap trailing blanks */
37: else break;
38: }
39: while(SPACE(*s))s++; /* Strip leading blanks */
40: return s;
41: }
42:
43:
44: /* Scan a filename for its consituents
45: ** -----------------------------------
46: **
47: ** On entry,
48: ** name points to a document name which may be incomplete.
49: ** On exit,
50: ** absolute or relative may be nonzero (but not both).
51: ** host, anchor and access may be nonzero if they were specified.
52: ** Any which are nonzero point to zero terminated strings.
53: */
54: #ifdef __STDC__
55: PRIVATE void scan(char * name, struct struct_parts *parts)
56: #else
57: PRIVATE void scan(name, parts)
58: char * name;
59: struct struct_parts *parts;
60: #endif
61: {
62: char * after_access;
63: char * p;
64: int length = strlen(name);
65:
66: parts->access = 0;
67: parts->host = 0;
68: parts->absolute = 0;
69: parts->relative = 0;
70: parts->anchor = 0;
71:
72: after_access = name;
73: for(p=name; *p; p++) {
74: if (*p==':') {
75: *p = 0;
2.20 timbl 76: parts->access = after_access; /* Scheme has been specified */
1.1 timbl 77: after_access = p+1;
2.22 luotonen 78: if (0==strcasecomp("URL", parts->access)) {
2.20 timbl 79: parts->access = NULL; /* Ignore IETF's URL: pre-prefix */
80: } else break;
1.1 timbl 81: }
2.20 timbl 82: if (*p=='/') break; /* Access has not been specified */
1.1 timbl 83: if (*p=='#') break;
84: }
85:
86: for(p=name+length-1; p>=name; p--) {
87: if (*p =='#') {
88: parts->anchor=p+1;
89: *p=0; /* terminate the rest */
90: }
91: }
92: p = after_access;
93: if (*p=='/'){
94: if (p[1]=='/') {
95: parts->host = p+2; /* host has been specified */
96: *p=0; /* Terminate access */
97: p=strchr(parts->host,'/'); /* look for end of host name if any */
98: if(p) {
99: *p=0; /* Terminate host */
100: parts->absolute = p+1; /* Root has been found */
101: }
102: } else {
103: parts->absolute = p+1; /* Root found but no host */
104: }
105: } else {
106: parts->relative = (*after_access) ? after_access : 0; /* zero for "" */
107: }
108:
2.16 timbl 109: #ifdef OLD_CODE
1.1 timbl 110: /* Access specified but no host: the anchor was not really one
2.16 timbl 111: e.g. news:j462#36487@foo.bar -- JFG 10/jul/92, from bug report */
112: /* This kludge doesn't work for example when coming across
113: file:/usr/local/www/fred#123
114: which loses its anchor. Correct approach in news is to
115: escape weird characters not allowed in URL. TBL 21/dec/93
116: */
1.1 timbl 117: if (parts->access && ! parts->host && parts->anchor) {
118: *(parts->anchor - 1) = '#'; /* Restore the '#' in the address */
119: parts->anchor = 0;
120: }
2.16 timbl 121: #endif
1.1 timbl 122:
123: #ifdef NOT_DEFINED /* search is just treated as part of path */
124: {
125: char *p = relative ? relative : absolute;
126: if (p) {
127: char * q = strchr(p, '?'); /* Any search string? */
128: if (q) {
129: *q = 0; /* If so, chop that off. */
130: parts->search = q+1;
131: }
132: }
133: }
134: #endif
135: } /*scan */
136:
137:
138: /* Parse a Name relative to another name
139: ** -------------------------------------
140: **
141: ** This returns those parts of a name which are given (and requested)
142: ** substituting bits from the related name where necessary.
143: **
144: ** On entry,
145: ** aName A filename given
146: ** relatedName A name relative to which aName is to be parsed
147: ** wanted A mask for the bits which are wanted.
148: **
149: ** On exit,
150: ** returns A pointer to a malloc'd string which MUST BE FREED
151: */
152: #ifdef __STDC__
153: char * HTParse(const char * aName, const char * relatedName, int wanted)
154: #else
155: char * HTParse(aName, relatedName, wanted)
156: char * aName;
157: char * relatedName;
158: int wanted;
159: #endif
160:
161: {
162: char * result = 0;
163: char * return_value = 0;
164: int len;
165: char * name = 0;
166: char * rel = 0;
167: char * p;
2.12 timbl 168: char * access;
1.1 timbl 169: struct struct_parts given, related;
170:
171: /* Make working copies of input strings to cut up:
172: */
173: len = strlen(aName)+strlen(relatedName)+10;
174: result=(char *)malloc(len); /* Lots of space: more than enough */
175: if (result == NULL) outofmem(__FILE__, "HTParse");
176:
177: StrAllocCopy(name, aName);
178: StrAllocCopy(rel, relatedName);
179:
180: scan(name, &given);
181: scan(rel, &related);
182: result[0]=0; /* Clear string */
2.12 timbl 183: access = given.access ? given.access : related.access;
1.1 timbl 184: if (wanted & PARSE_ACCESS)
2.12 timbl 185: if (access) {
186: strcat(result, access);
1.1 timbl 187: if(wanted & PARSE_PUNCTUATION) strcat(result, ":");
188: }
189:
190: if (given.access && related.access) /* If different, inherit nothing. */
191: if (strcmp(given.access, related.access)!=0) {
192: related.host=0;
193: related.absolute=0;
194: related.relative=0;
195: related.anchor=0;
196: }
197:
198: if (wanted & PARSE_HOST)
199: if(given.host || related.host) {
2.12 timbl 200: char * tail = result + strlen(result);
1.1 timbl 201: if(wanted & PARSE_PUNCTUATION) strcat(result, "//");
202: strcat(result, given.host ? given.host : related.host);
2.12 timbl 203: #define CLEAN_URLS
204: #ifdef CLEAN_URLS
205: /* Ignore default port numbers, and trailing dots on FQDNs
206: which will only cause identical adreesses to look different */
207: {
208: char * p;
209: p = strchr(tail, ':');
210: if (p && access) { /* Port specified */
211: if ( ( strcmp(access, "http") == 0
212: && strcmp(p, ":80") == 0 )
213: ||
214: ( strcmp(access, "gopher") == 0
215: && strcmp(p, ":70") == 0 )
216: )
217: *p = (char)0; /* It is the default: ignore it */
218: }
219: if (!p) p = tail + strlen(tail); /* After hostname */
2.21 frystyk 220: if (*p) { /* Henrik 17/04-94 */
221: p--; /* End of hostname */
222: if (*p == '.') *p = (char)0; /* chop final . */
223: }
2.12 timbl 224: }
225: #endif
1.1 timbl 226: }
227:
228: if (given.host && related.host) /* If different hosts, inherit no path. */
229: if (strcmp(given.host, related.host)!=0) {
230: related.absolute=0;
231: related.relative=0;
232: related.anchor=0;
233: }
234:
235: if (wanted & PARSE_PATH) {
236: if(given.absolute) { /* All is given */
237: if(wanted & PARSE_PUNCTUATION) strcat(result, "/");
238: strcat(result, given.absolute);
239: } else if(related.absolute) { /* Adopt path not name */
240: strcat(result, "/");
241: strcat(result, related.absolute);
242: if (given.relative) {
243: p = strchr(result, '?'); /* Search part? */
244: if (!p) p=result+strlen(result)-1;
245: for (; *p!='/'; p--); /* last / */
246: p[1]=0; /* Remove filename */
247: strcat(result, given.relative); /* Add given one */
248: HTSimplify (result);
249: }
250: } else if(given.relative) {
251: strcat(result, given.relative); /* what we've got */
252: } else if(related.relative) {
253: strcat(result, related.relative);
254: } else { /* No inheritance */
255: strcat(result, "/");
256: }
257: }
258:
259: if (wanted & PARSE_ANCHOR)
260: if(given.anchor || related.anchor) {
261: if(wanted & PARSE_PUNCTUATION) strcat(result, "#");
262: strcat(result, given.anchor ? given.anchor : related.anchor);
263: }
264: free(rel);
265: free(name);
266:
267: StrAllocCopy(return_value, result);
268: free(result);
269: return return_value; /* exactly the right length */
270: }
271:
2.11 timbl 272:
2.21 frystyk 273: #if 0 /* NOT USED FOR THE MOMENT */
2.15 luotonen 274: /*
275: ** As strcpy() but guaranteed to work correctly
276: ** with overlapping parameters. AL 7 Feb 1994
277: */
278: PRIVATE void ari_strcpy ARGS2(char *, to,
279: char *, from)
280: {
281: char * tmp;
282:
283: if (!to || !from) return;
284:
285: tmp = (char*)malloc(strlen(from)+1);
286: if (!tmp) outofmem(__FILE__, "my_strcpy");
287:
288: strcpy(tmp, from);
289: strcpy(to, tmp);
290: free(tmp);
291: }
2.21 frystyk 292: #endif
293:
2.20 timbl 294:
295: /* Simplify a URI
296: // --------------
297: // A URI is allowed to contain the seqeunce xxx/../ which may be
1.1 timbl 298: // replaced by "" , and the seqeunce "/./" which may be replaced by "/".
2.20 timbl 299: // Simplification helps us recognize duplicate URIs.
1.1 timbl 300: //
301: // Thus, /etc/junk/../fred becomes /etc/fred
302: // /etc/junk/./fred becomes /etc/junk/fred
2.11 timbl 303: //
304: // but we should NOT change
305: // http://fred.xxx.edu/../..
306: //
307: // or ../../albert.html
1.1 timbl 308: */
2.14 luotonen 309: PUBLIC void HTSimplify ARGS1(char *, filename)
1.1 timbl 310: {
2.19 frystyk 311: int tokcnt = 0;
312: char *strptr;
313: char *urlptr;
314: if (!filename || !*filename) /* Just to be sure! */
315: return;
316:
317: /* Skip prefix, starting ./ and starting ///<etc> */
318: urlptr = strstr(filename, "://"); /* Find prefix */
319: urlptr = urlptr ? urlptr+3 : filename;
320: if (*urlptr == '.' && *(urlptr+1) == '/') /* Starting ./<etc> */
321: urlptr += 2;
322: else if (*urlptr == '/') { /* Some URLs start //<file> */
323: while (*++urlptr == '/');
324: }
325: if (!*urlptr)
326: return;
327:
328: /* Now we have the string we want to work with */
329: strptr = urlptr;
330: while (*strptr++) { /* Count number of delimiters */
331: if (*strptr == '/')
332: tokcnt++;
333: }
334: {
335: BOOL slashtail = NO;
336: char *empty = "";
337: char *url = NULL;
338: char **tokptr;
339: char **tokstart;
340: StrAllocCopy(url, urlptr);
341:
342: /* Does the URL end with a slash? */
343: if(*(filename+strlen(filename)-1) == '/')
344: slashtail = YES;
345:
346: /* I allocate cnt+2 as I don't know if the url is terminated by '/' */
347: if ((tokstart = (char **) calloc(tokcnt+2, sizeof(char *))) == NULL)
348: outofmem(__FILE__, "HTSimplify");
349:
350: /* Read the tokens forwards */
351: tokptr = tokstart;
352: *tokptr++ = strtok(url, "/");
353: while ((strptr = strtok(NULL, "/")) != NULL)
354: *tokptr++ = strptr;
355:
356: /* Scan backwards for '.' and '..' */
357: tokptr--;
358: while(tokptr >= tokstart) {
359: if (!strcmp(*tokptr, ".")) {
360: *tokptr = empty;
361: } else if (!strcmp(*tokptr, "..")) {
362: char **pptr = tokptr-1;
363: while (pptr >= tokstart) {
364: if (**pptr && strcmp(*pptr, "..") && strcmp(*pptr, ".")) {
365: *pptr = empty;
366: *tokptr = empty;
367: break;
368: }
369: pptr--;
370: }
371: }
372: tokptr--;
373: }
374:
375: /* Write the rest out forwards */
376: *urlptr = '\0';
377: strcat(urlptr, *++tokptr);
378: while (*++tokptr) {
379: if (**tokptr) {
380: strcat(urlptr, "/");
381: strcat(urlptr, *tokptr);
382: }
383: }
384: if (slashtail == YES)
385: strcat(urlptr, "/");
386: free(url);
387: free(tokstart);
388: }
389: if (TRACE)
2.21 frystyk 390: fprintf(stderr, "HTSimplify.. `%s\'\n", filename);
2.19 frystyk 391: }
392: #ifdef OLD_CODE
2.17 frystyk 393: char * p = filename;
1.1 timbl 394: char * q;
2.17 frystyk 395:
396: if (p) {
397: while (*p && (*p == '/' || *p == '.')) /* Pass starting / or .'s */
398: p++;
399: while(*p) {
400: if (*p=='/') {
1.1 timbl 401: if ((p[1]=='.') && (p[2]=='.') && (p[3]=='/' || !p[3] )) {
2.11 timbl 402: for (q=p-1; (q>=filename) && (*q!='/'); q--); /* prev slash */
403: if (q[0]=='/' && 0!=strncmp(q, "/../", 4)
404: &&!(q-1>filename && q[-1]=='/')) {
2.15 luotonen 405: ari_strcpy(q, p+3); /* Remove /xxx/.. */
1.1 timbl 406: if (!*filename) strcpy(filename, "/");
407: p = q-1; /* Start again with prev slash */
2.11 timbl 408: } else { /* xxx/.. leave it! */
2.9 timbl 409: #ifdef BUG_CODE
2.15 luotonen 410: ari_strcpy(filename, p[3] ? p+4 : p+3); /* rm xxx/../ */
1.1 timbl 411: p = filename; /* Start again */
2.9 timbl 412: #endif
1.1 timbl 413: }
414: } else if ((p[1]=='.') && (p[2]=='/' || !p[2])) {
2.15 luotonen 415: ari_strcpy(p, p+2); /* Remove a slash and a dot */
2.13 luotonen 416: } else if (p[-1] != ':') {
417: while (p[1] == '/') {
2.15 luotonen 418: ari_strcpy(p, p+1); /* Remove multiple slashes */
2.13 luotonen 419: }
1.1 timbl 420: }
2.17 frystyk 421: }
422: p++;
423: } /* end while (*p) */
424: } /* end if (p) */
1.1 timbl 425: }
2.19 frystyk 426: #endif /* OLD_CODE */
1.1 timbl 427:
428:
429: /* Make Relative Name
430: ** ------------------
431: **
432: ** This function creates and returns a string which gives an expression of
433: ** one address as related to another. Where there is no relation, an absolute
434: ** address is retured.
435: **
436: ** On entry,
437: ** Both names must be absolute, fully qualified names of nodes
438: ** (no anchor bits)
439: **
440: ** On exit,
441: ** The return result points to a newly allocated name which, if
442: ** parsed by HTParse relative to relatedName, will yield aName.
443: ** The caller is responsible for freeing the resulting name later.
444: **
445: */
446: #ifdef __STDC__
447: char * HTRelative(const char * aName, const char *relatedName)
448: #else
449: char * HTRelative(aName, relatedName)
450: char * aName;
451: char * relatedName;
452: #endif
453: {
454: char * result = 0;
455: CONST char *p = aName;
456: CONST char *q = relatedName;
457: CONST char * after_access = 0;
458: CONST char * path = 0;
459: CONST char * last_slash = 0;
460: int slashes = 0;
461:
462: for(;*p; p++, q++) { /* Find extent of match */
463: if (*p!=*q) break;
464: if (*p==':') after_access = p+1;
465: if (*p=='/') {
466: last_slash = p;
467: slashes++;
468: if (slashes==3) path=p;
469: }
470: }
471:
472: /* q, p point to the first non-matching character or zero */
473:
474: if (!after_access) { /* Different access */
475: StrAllocCopy(result, aName);
476: } else if (slashes<3){ /* Different nodes */
477: StrAllocCopy(result, after_access);
2.21 frystyk 478: #if 0
1.1 timbl 479: } else if (slashes==3){ /* Same node, different path */
480: StrAllocCopy(result, path);
2.21 frystyk 481: #endif
1.1 timbl 482: } else { /* Some path in common */
483: int levels= 0;
484: for(; *q && (*q!='#'); q++) if (*q=='/') levels++;
485: result = (char *)malloc(3*levels + strlen(last_slash) + 1);
486: if (result == NULL) outofmem(__FILE__, "HTRelative");
487: result[0]=0;
488: for(;levels; levels--)strcat(result, "../");
489: strcat(result, last_slash+1);
490: }
2.21 frystyk 491: if (TRACE) fprintf(stderr,
492: "HTRelative.. `%s' expressed relative to `%s' is `%s'\n",
493: aName, relatedName, result);
1.1 timbl 494: return result;
495: }
2.1 timbl 496:
497:
2.6 timbl 498: /* Escape undesirable characters using % HTEscape()
499: ** -------------------------------------
500: **
501: ** This function takes a pointer to a string in which
502: ** some characters may be unacceptable unescaped.
503: ** It returns a string which has these characters
504: ** represented by a '%' character followed by two hex digits.
505: **
2.20 timbl 506: ** In the tradition of being conservative in what you do and liberal
507: ** in what you accept, we encode some characters which in fact are
508: ** allowed in URLs unencoded -- so DON'T use the table below for
509: ** parsing!
510: **
2.6 timbl 511: ** Unlike HTUnEscape(), this routine returns a malloced string.
2.20 timbl 512: **
2.6 timbl 513: */
514:
2.20 timbl 515: /* Not BOTH static AND const at the same time in gcc :-(, Henrik 18/03-94
516: ** code gen error in gcc when making random access to
517: ** static const table(!!) */
2.19 frystyk 518: /* PRIVATE CONST unsigned char isAcceptable[96] = */
519: PRIVATE unsigned char isAcceptable[96] =
2.6 timbl 520:
2.20 timbl 521: /* Overencodes */
2.6 timbl 522: /* Bit 0 xalpha -- see HTFile.h
523: ** Bit 1 xpalpha -- as xalpha but with plus.
2.20 timbl 524: ** Bit 2 ... path -- as xpalpha but with /
2.6 timbl 525: */
526: /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
527: { 0,0,0,0,0,0,0,0,0,0,7,6,0,7,7,4, /* 2x !"#$%&'()*+,-./ */
528: 7,7,7,7,7,7,7,7,7,7,0,0,0,0,0,0, /* 3x 0123456789:;<=>? */
529: 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, /* 4x @ABCDEFGHIJKLMNO */
530: 7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,7, /* 5X PQRSTUVWXYZ[\]^_ */
531: 0,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, /* 6x `abcdefghijklmno */
532: 7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,0 }; /* 7X pqrstuvwxyz{\}~ DEL */
533:
534: PRIVATE char *hex = "0123456789ABCDEF";
535:
2.8 timbl 536: PUBLIC char * HTEscape ARGS2 (CONST char *, str,
2.6 timbl 537: unsigned char, mask)
538: {
539: #define ACCEPTABLE(a) ( a>=32 && a<128 && ((isAcceptable[a-32]) & mask))
540: CONST char * p;
541: char * q;
542: char * result;
543: int unacceptable = 0;
544: for(p=str; *p; p++)
545: if (!ACCEPTABLE((unsigned char)TOASCII(*p)))
546: unacceptable++;
547: result = (char *) malloc(p-str + unacceptable+ unacceptable + 1);
548: if (result == NULL) outofmem(__FILE__, "HTEscape");
549: for(q=result, p=str; *p; p++) {
550: unsigned char a = TOASCII(*p);
551: if (!ACCEPTABLE(a)) {
552: *q++ = HEX_ESCAPE; /* Means hex commming */
553: *q++ = hex[a >> 4];
554: *q++ = hex[a & 15];
555: }
556: else *q++ = *p;
557: }
558: *q++ = 0; /* Terminate */
559: return result;
560: }
561:
562:
2.1 timbl 563: /* Decode %xx escaped characters HTUnEscape()
564: ** -----------------------------
565: **
566: ** This function takes a pointer to a string in which some
567: ** characters may have been encoded in %xy form, where xy is
568: ** the acsii hex code for character 16x+y.
569: ** The string is converted in place, as it will never grow.
570: */
571:
572: PRIVATE char from_hex ARGS1(char, c)
573: {
2.6 timbl 574: return c >= '0' && c <= '9' ? c - '0'
575: : c >= 'A' && c <= 'F'? c - 'A' + 10
576: : c - 'a' + 10; /* accept small letters just in case */
2.1 timbl 577: }
578:
579: PUBLIC char * HTUnEscape ARGS1( char *, str)
580: {
581: char * p = str;
582: char * q = str;
583: while(*p) {
2.6 timbl 584: if (*p == HEX_ESCAPE) {
2.1 timbl 585: p++;
586: if (*p) *q = from_hex(*p++) * 16;
587: if (*p) *q = FROMASCII(*q + from_hex(*p++));
588: q++;
589: } else {
590: *q++ = *p++;
591: }
592: }
593:
594: *q++ = 0;
595: return str;
596:
597: } /* HTUnEscape */
598:
599:
2.24 ! luotonen 600: /* HTCleanTelnetString()
! 601: * Make sure that the given string doesn't contain characters that
! 602: * could cause security holes, such as newlines in ftp, gopher,
! 603: * news or telnet URLs; more specifically: allows everything between
! 604: * ASCII 20-7E, and also A0-FE, inclusive.
! 605: *
! 606: * On entry,
! 607: * str the string that is *modified* if necessary. The
! 608: * string will be truncated at the first illegal
! 609: * character that is encountered.
! 610: * On exit,
! 611: * returns YES, if the string was modified.
! 612: * NO, otherwise.
! 613: */
! 614: PUBLIC BOOL HTCleanTelnetString ARGS1(char *, str)
! 615: {
! 616: char * cur = str;
! 617:
! 618: if (!str) return NO;
! 619:
! 620: while (*cur) {
! 621: int a = TOASCII(*cur);
! 622: if (a < 0x20 || (a > 0x7E && a < 0xA0) || a > 0xFE) {
! 623: CTRACE(stderr, "Illegal..... character in URL: \"%s\"\n",str);
! 624: *cur = 0;
! 625: CTRACE(stderr, "Truncated... \"%s\"\n",str);
! 626: return YES;
! 627: }
! 628: cur++;
! 629: }
! 630: return NO;
! 631: }
! 632:
Webmaster