Annotation of libwww/Library/src/HTParse.c, revision 2.31.2.1
1.1 timbl 1: /* Parse HyperText Document Address HTParse.c
2: ** ================================
2.26 frystyk 3: **
4: ** history:
5: ** May 12 94 TAB added as legal char in HTCleanTelnetString
6: **
1.1 timbl 7: */
2.31 frystyk 8:
1.1 timbl 9: #include "HTUtils.h"
2.31 frystyk 10: #include "HTTCP.h"
1.1 timbl 11: #include "HTParse.h"
12:
2.6 timbl 13: #define HEX_ESCAPE '%'
14:
1.1 timbl 15: struct struct_parts {
2.20 timbl 16: char * access; /* Now known as "scheme" */
1.1 timbl 17: char * host;
18: char * absolute;
19: char * relative;
20: /* char * search; no - treated as part of path */
21: char * anchor;
22: };
23:
24: /* Strip white space off a string
25: ** ------------------------------
26: **
27: ** On exit,
28: ** Return value points to first non-white character, or to 0 if none.
29: ** All trailing white space is OVERWRITTEN with zero.
30: */
31:
2.13 luotonen 32: PUBLIC char * HTStrip ARGS1(char *, s)
1.1 timbl 33: {
34: #define SPACE(c) ((c==' ')||(c=='\t')||(c=='\n'))
35: char * p=s;
2.13 luotonen 36: if (!s) return NULL; /* Doesn't dump core if NULL */
37: for(p=s;*p;p++); /* Find end of string */
1.1 timbl 38: for(p--;p>=s;p--) {
39: if(SPACE(*p)) *p=0; /* Zap trailing blanks */
40: else break;
41: }
42: while(SPACE(*s))s++; /* Strip leading blanks */
43: return s;
44: }
45:
46:
47: /* Scan a filename for its consituents
48: ** -----------------------------------
49: **
50: ** On entry,
51: ** name points to a document name which may be incomplete.
52: ** On exit,
53: ** absolute or relative may be nonzero (but not both).
54: ** host, anchor and access may be nonzero if they were specified.
55: ** Any which are nonzero point to zero terminated strings.
56: */
57: #ifdef __STDC__
58: PRIVATE void scan(char * name, struct struct_parts *parts)
59: #else
60: PRIVATE void scan(name, parts)
61: char * name;
62: struct struct_parts *parts;
63: #endif
64: {
65: char * after_access;
66: char * p;
67: int length = strlen(name);
68:
69: parts->access = 0;
70: parts->host = 0;
71: parts->absolute = 0;
72: parts->relative = 0;
73: parts->anchor = 0;
74:
75: after_access = name;
76: for(p=name; *p; p++) {
77: if (*p==':') {
78: *p = 0;
2.20 timbl 79: parts->access = after_access; /* Scheme has been specified */
1.1 timbl 80: after_access = p+1;
2.22 luotonen 81: if (0==strcasecomp("URL", parts->access)) {
2.20 timbl 82: parts->access = NULL; /* Ignore IETF's URL: pre-prefix */
83: } else break;
1.1 timbl 84: }
2.20 timbl 85: if (*p=='/') break; /* Access has not been specified */
1.1 timbl 86: if (*p=='#') break;
87: }
88:
89: for(p=name+length-1; p>=name; p--) {
90: if (*p =='#') {
91: parts->anchor=p+1;
92: *p=0; /* terminate the rest */
93: }
94: }
95: p = after_access;
96: if (*p=='/'){
97: if (p[1]=='/') {
98: parts->host = p+2; /* host has been specified */
99: *p=0; /* Terminate access */
100: p=strchr(parts->host,'/'); /* look for end of host name if any */
101: if(p) {
102: *p=0; /* Terminate host */
103: parts->absolute = p+1; /* Root has been found */
104: }
105: } else {
106: parts->absolute = p+1; /* Root found but no host */
107: }
108: } else {
109: parts->relative = (*after_access) ? after_access : 0; /* zero for "" */
110: }
111:
2.16 timbl 112: #ifdef OLD_CODE
1.1 timbl 113: /* Access specified but no host: the anchor was not really one
2.16 timbl 114: e.g. news:j462#36487@foo.bar -- JFG 10/jul/92, from bug report */
115: /* This kludge doesn't work for example when coming across
116: file:/usr/local/www/fred#123
117: which loses its anchor. Correct approach in news is to
118: escape weird characters not allowed in URL. TBL 21/dec/93
119: */
1.1 timbl 120: if (parts->access && ! parts->host && parts->anchor) {
121: *(parts->anchor - 1) = '#'; /* Restore the '#' in the address */
122: parts->anchor = 0;
123: }
2.16 timbl 124: #endif
1.1 timbl 125:
126: #ifdef NOT_DEFINED /* search is just treated as part of path */
127: {
128: char *p = relative ? relative : absolute;
129: if (p) {
130: char * q = strchr(p, '?'); /* Any search string? */
131: if (q) {
132: *q = 0; /* If so, chop that off. */
133: parts->search = q+1;
134: }
135: }
136: }
137: #endif
138: } /*scan */
139:
140:
141: /* Parse a Name relative to another name
142: ** -------------------------------------
143: **
144: ** This returns those parts of a name which are given (and requested)
145: ** substituting bits from the related name where necessary.
146: **
147: ** On entry,
148: ** aName A filename given
149: ** relatedName A name relative to which aName is to be parsed
150: ** wanted A mask for the bits which are wanted.
151: **
152: ** On exit,
153: ** returns A pointer to a malloc'd string which MUST BE FREED
154: */
155: #ifdef __STDC__
156: char * HTParse(const char * aName, const char * relatedName, int wanted)
157: #else
158: char * HTParse(aName, relatedName, wanted)
159: char * aName;
160: char * relatedName;
161: int wanted;
162: #endif
163:
164: {
165: char * result = 0;
166: char * return_value = 0;
167: int len;
168: char * name = 0;
169: char * rel = 0;
170: char * p;
2.12 timbl 171: char * access;
1.1 timbl 172: struct struct_parts given, related;
173:
174: /* Make working copies of input strings to cut up:
175: */
176: len = strlen(aName)+strlen(relatedName)+10;
177: result=(char *)malloc(len); /* Lots of space: more than enough */
178: if (result == NULL) outofmem(__FILE__, "HTParse");
179:
180: StrAllocCopy(name, aName);
181: StrAllocCopy(rel, relatedName);
182:
183: scan(name, &given);
184: scan(rel, &related);
185: result[0]=0; /* Clear string */
2.12 timbl 186: access = given.access ? given.access : related.access;
1.1 timbl 187: if (wanted & PARSE_ACCESS)
2.12 timbl 188: if (access) {
189: strcat(result, access);
1.1 timbl 190: if(wanted & PARSE_PUNCTUATION) strcat(result, ":");
191: }
192:
193: if (given.access && related.access) /* If different, inherit nothing. */
194: if (strcmp(given.access, related.access)!=0) {
195: related.host=0;
196: related.absolute=0;
197: related.relative=0;
198: related.anchor=0;
199: }
200:
201: if (wanted & PARSE_HOST)
202: if(given.host || related.host) {
203: if(wanted & PARSE_PUNCTUATION) strcat(result, "//");
204: strcat(result, given.host ? given.host : related.host);
2.31 frystyk 205: #if 0
206: /* This is now done in HTCanon */
2.12 timbl 207: #define CLEAN_URLS
2.31 frystyk 208: #endif
2.12 timbl 209: #ifdef CLEAN_URLS
210: /* Ignore default port numbers, and trailing dots on FQDNs
211: which will only cause identical adreesses to look different */
212: {
2.31 frystyk 213: char *tail = result + strlen(result);
214: char *p = strchr(tail, ':');
2.12 timbl 215: if (p && access) { /* Port specified */
216: if ( ( strcmp(access, "http") == 0
217: && strcmp(p, ":80") == 0 )
218: ||
219: ( strcmp(access, "gopher") == 0
220: && strcmp(p, ":70") == 0 )
221: )
222: *p = (char)0; /* It is the default: ignore it */
223: }
224: if (!p) p = tail + strlen(tail); /* After hostname */
2.21 frystyk 225: if (*p) { /* Henrik 17/04-94 */
226: p--; /* End of hostname */
227: if (*p == '.') *p = (char)0; /* chop final . */
228: }
2.12 timbl 229: }
230: #endif
1.1 timbl 231: }
232:
233: if (given.host && related.host) /* If different hosts, inherit no path. */
234: if (strcmp(given.host, related.host)!=0) {
235: related.absolute=0;
236: related.relative=0;
237: related.anchor=0;
238: }
239:
240: if (wanted & PARSE_PATH) {
241: if(given.absolute) { /* All is given */
242: if(wanted & PARSE_PUNCTUATION) strcat(result, "/");
243: strcat(result, given.absolute);
244: } else if(related.absolute) { /* Adopt path not name */
245: strcat(result, "/");
246: strcat(result, related.absolute);
247: if (given.relative) {
248: p = strchr(result, '?'); /* Search part? */
249: if (!p) p=result+strlen(result)-1;
250: for (; *p!='/'; p--); /* last / */
251: p[1]=0; /* Remove filename */
252: strcat(result, given.relative); /* Add given one */
2.31 frystyk 253: result = HTSimplify (result);
1.1 timbl 254: }
255: } else if(given.relative) {
256: strcat(result, given.relative); /* what we've got */
257: } else if(related.relative) {
258: strcat(result, related.relative);
259: } else { /* No inheritance */
260: strcat(result, "/");
261: }
262: }
263:
264: if (wanted & PARSE_ANCHOR)
265: if(given.anchor || related.anchor) {
266: if(wanted & PARSE_PUNCTUATION) strcat(result, "#");
267: strcat(result, given.anchor ? given.anchor : related.anchor);
268: }
269: free(rel);
270: free(name);
271:
272: StrAllocCopy(return_value, result);
273: free(result);
274: return return_value; /* exactly the right length */
275: }
276:
2.11 timbl 277:
2.21 frystyk 278: #if 0 /* NOT USED FOR THE MOMENT */
2.15 luotonen 279: /*
280: ** As strcpy() but guaranteed to work correctly
281: ** with overlapping parameters. AL 7 Feb 1994
282: */
283: PRIVATE void ari_strcpy ARGS2(char *, to,
284: char *, from)
285: {
286: char * tmp;
287:
288: if (!to || !from) return;
289:
290: tmp = (char*)malloc(strlen(from)+1);
291: if (!tmp) outofmem(__FILE__, "my_strcpy");
292:
293: strcpy(tmp, from);
294: strcpy(to, tmp);
295: free(tmp);
296: }
2.21 frystyk 297: #endif
298:
2.20 timbl 299:
300: /* Simplify a URI
301: // --------------
302: // A URI is allowed to contain the seqeunce xxx/../ which may be
1.1 timbl 303: // replaced by "" , and the seqeunce "/./" which may be replaced by "/".
2.20 timbl 304: // Simplification helps us recognize duplicate URIs.
1.1 timbl 305: //
306: // Thus, /etc/junk/../fred becomes /etc/fred
307: // /etc/junk/./fred becomes /etc/junk/fred
2.11 timbl 308: //
309: // but we should NOT change
310: // http://fred.xxx.edu/../..
311: //
312: // or ../../albert.html
2.26 frystyk 313: //
314: // In the same manner, the following prefixed are preserved:
315: //
316: // ./<etc>
317: // //<etc>
318: //
319: // In order to avoid empty URLs the following URLs become:
320: //
321: // /fred/.. becomes /fred/..
322: // /fred/././.. becomes /fred/..
2.27 frystyk 323: // /fred/.././junk/.././ becomes /fred/..
2.26 frystyk 324: //
2.30 frystyk 325: // If more than one set of `://' is found (several proxies in cascade) then
326: // only the part after the last `://' is simplified.
1.1 timbl 327: */
2.31 frystyk 328: PUBLIC char *HTSimplify ARGS1(char *, filename)
1.1 timbl 329: {
2.31 frystyk 330: char *path;
331: char *p;
2.19 frystyk 332:
2.31 frystyk 333: if (!filename) {
334: if (URI_TRACE)
335: fprintf(stderr, "HTSimplify.. Bad argument\n");
336: return filename;
337: }
338: if (URI_TRACE)
2.27 frystyk 339: fprintf(stderr, "HTSimplify.. `%s\' ", filename);
340:
2.31 frystyk 341: if ((path = strstr(filename, "://")) != NULL) { /* Find host name */
2.30 frystyk 342: char *newptr;
2.31 frystyk 343: path += 3;
344: while ((newptr = strstr(path, "://")) != NULL)
345: path = newptr+3;
346: path = HTCanon(&filename, path); /* We have a host name */
347: } else if ((path = strstr(filename, ":/")) != NULL) {
348: path += 2;
2.27 frystyk 349: } else
2.31 frystyk 350: path = filename;
351: if (*path == '/' && *(path+1)=='/') { /* Some URLs start //<foo> */
352: path += 1;
353: } else if (!strncmp(path, "news:", 5)) { /* Make group lower case */
2.31.2.1! frystyk 354: #if 1
! 355: char *ptr = strchr(path+5, '@');
! 356: if (!ptr) ptr = path+5;
! 357: while (*ptr) { /* Make group or host lower case */
! 358: *ptr = TOLOWER(*ptr);
! 359: ptr++;
! 360: }
! 361: #else
! 362: char *group = path+5;
2.31 frystyk 363: while (*group && *group!='@' && *group!='/') {
364: *group = TOLOWER(*group);
365: group++;
366: }
2.31.2.1! frystyk 367: #endif
2.31 frystyk 368: if (URI_TRACE)
369: fprintf(stderr, "into\n............ `%s'\n", filename);
370: return filename; /* Doesn't need to do any more */
371: }
372: if ((p = path)) {
373: int segments = 0;
374:
375: /* Parse string first time to find number of `real' tokens */
376: while (*p) {
377: if (*p=='/' || p==path) {
378: if (!((*(p+1)=='/' || !*(p+1)) ||
379: (*(p+1)=='.' && (*(p+2)=='/' || !*(p+2))) ||
380: (*(p+1)=='.' && *(p+2)=='.' &&(*(p+3)=='/' || !*(p+3)))))
381: segments++;
382: }
383: p++;
384: }
2.19 frystyk 385:
2.31 frystyk 386: /* Parse string second time to simplify */
387: p = path;
388: while(*p) {
389: if (*p=='/') {
390: if (p>path && *(p+1)=='.' && (*(p+2)=='/' || !*(p+2))) {
391: char *orig=p, *dest=p+2;
392: while ((*orig++ = *dest++)); /* Remove a slash and a dot */
393: p--;
394: } else if (segments>1 && *(p+1)=='.' && *(p+2)=='.' &&
395: (*(p+3)=='/' || !*(p+3))) {
396: char *q = p;
397: while (q>path && *--q!='/'); /* prev slash */
398: if (strncmp(q, "/../", 4) && strncmp(q, "/./", 3) &&
399: strncmp(q, "./", 2)) {
400: char *orig=q, *dest=p+3;
401: if (*q!='/') dest++;
402: while ((*orig++ = *dest++)); /* Remove /xxx/.. */
403: segments--;
404: p = q-1; /* Start again with prev slash */
405: } else
406: p++;
407: } else if (*(p+1)=='/') {
408: while (*(p+1)=='/') {
409: char *orig=p, *dest=p+1;
410: while ((*orig++ = *dest++)); /* Remove multiple /'s */
2.19 frystyk 411: }
412: }
413: }
2.31 frystyk 414: p++;
415: } /* end while (*p) */
2.19 frystyk 416: }
2.31 frystyk 417: if (URI_TRACE)
2.27 frystyk 418: fprintf(stderr, "into\n............ `%s'\n", filename);
2.31 frystyk 419: return filename;
2.19 frystyk 420: }
2.31 frystyk 421:
2.19 frystyk 422: #ifdef OLD_CODE
2.17 frystyk 423: char * p = filename;
1.1 timbl 424: char * q;
2.17 frystyk 425:
426: if (p) {
427: while (*p && (*p == '/' || *p == '.')) /* Pass starting / or .'s */
428: p++;
429: while(*p) {
430: if (*p=='/') {
1.1 timbl 431: if ((p[1]=='.') && (p[2]=='.') && (p[3]=='/' || !p[3] )) {
2.11 timbl 432: for (q=p-1; (q>=filename) && (*q!='/'); q--); /* prev slash */
433: if (q[0]=='/' && 0!=strncmp(q, "/../", 4)
434: &&!(q-1>filename && q[-1]=='/')) {
2.15 luotonen 435: ari_strcpy(q, p+3); /* Remove /xxx/.. */
1.1 timbl 436: if (!*filename) strcpy(filename, "/");
437: p = q-1; /* Start again with prev slash */
2.11 timbl 438: } else { /* xxx/.. leave it! */
2.9 timbl 439: #ifdef BUG_CODE
2.15 luotonen 440: ari_strcpy(filename, p[3] ? p+4 : p+3); /* rm xxx/../ */
1.1 timbl 441: p = filename; /* Start again */
2.9 timbl 442: #endif
1.1 timbl 443: }
444: } else if ((p[1]=='.') && (p[2]=='/' || !p[2])) {
2.15 luotonen 445: ari_strcpy(p, p+2); /* Remove a slash and a dot */
2.13 luotonen 446: } else if (p[-1] != ':') {
447: while (p[1] == '/') {
2.15 luotonen 448: ari_strcpy(p, p+1); /* Remove multiple slashes */
2.13 luotonen 449: }
1.1 timbl 450: }
2.17 frystyk 451: }
452: p++;
453: } /* end while (*p) */
454: } /* end if (p) */
1.1 timbl 455: }
2.19 frystyk 456: #endif /* OLD_CODE */
1.1 timbl 457:
458:
459: /* Make Relative Name
460: ** ------------------
461: **
462: ** This function creates and returns a string which gives an expression of
463: ** one address as related to another. Where there is no relation, an absolute
464: ** address is retured.
465: **
466: ** On entry,
467: ** Both names must be absolute, fully qualified names of nodes
468: ** (no anchor bits)
469: **
470: ** On exit,
471: ** The return result points to a newly allocated name which, if
472: ** parsed by HTParse relative to relatedName, will yield aName.
473: ** The caller is responsible for freeing the resulting name later.
474: **
475: */
476: #ifdef __STDC__
477: char * HTRelative(const char * aName, const char *relatedName)
478: #else
479: char * HTRelative(aName, relatedName)
480: char * aName;
481: char * relatedName;
482: #endif
483: {
484: char * result = 0;
485: CONST char *p = aName;
486: CONST char *q = relatedName;
487: CONST char * after_access = 0;
488: CONST char * path = 0;
489: CONST char * last_slash = 0;
490: int slashes = 0;
491:
492: for(;*p; p++, q++) { /* Find extent of match */
493: if (*p!=*q) break;
494: if (*p==':') after_access = p+1;
495: if (*p=='/') {
496: last_slash = p;
497: slashes++;
498: if (slashes==3) path=p;
499: }
500: }
501:
502: /* q, p point to the first non-matching character or zero */
503:
504: if (!after_access) { /* Different access */
505: StrAllocCopy(result, aName);
506: } else if (slashes<3){ /* Different nodes */
507: StrAllocCopy(result, after_access);
2.29 frystyk 508: #if 0 /* Henrik */
1.1 timbl 509: } else if (slashes==3){ /* Same node, different path */
510: StrAllocCopy(result, path);
2.21 frystyk 511: #endif
1.1 timbl 512: } else { /* Some path in common */
513: int levels= 0;
514: for(; *q && (*q!='#'); q++) if (*q=='/') levels++;
515: result = (char *)malloc(3*levels + strlen(last_slash) + 1);
516: if (result == NULL) outofmem(__FILE__, "HTRelative");
517: result[0]=0;
518: for(;levels; levels--)strcat(result, "../");
519: strcat(result, last_slash+1);
520: }
2.31 frystyk 521: if (URI_TRACE) fprintf(stderr,
2.21 frystyk 522: "HTRelative.. `%s' expressed relative to `%s' is `%s'\n",
523: aName, relatedName, result);
1.1 timbl 524: return result;
525: }
2.1 timbl 526:
527:
2.31 frystyk 528: /* HTCanon
529: **
530: ** Canonicalizes the URL in the following manner starting from the host
531: ** pointer:
532: **
533: ** 1) The host name is converted to lowercase
534: ** 2) Expands the host name of the URL from a local name to a full
535: ** domain name. A host name is started by `://'.
536: ** 3) The default port indication :80, :70, and :21 for are stripped
537: **
538: ** Return: OK The position of the current path part of the URL
539: */
540: PUBLIC char *HTCanon ARGS2 (char **, filename, char *, host)
541: {
542: char *new = NULL;
543: char *port;
544: char *strptr;
545: char *path;
2.31.2.1! frystyk 546: char *access = host-3;
2.31 frystyk 547:
2.31.2.1! frystyk 548: while (access>*filename && *(access-1)!='/') /* Find access method */
! 549: access--;
2.31 frystyk 550: if ((path = strchr(host, '/')) == NULL) /* Find path */
551: path = host + strlen(host);
552: if ((strptr = strchr(host, '@')) != NULL && strptr<path) /* UserId */
553: host = strptr;
554: port = strchr(host, ':'); /* Port number */
555:
556: strptr = host; /* Convert to lower-case */
557: while (strptr<path) {
558: *strptr = TOLOWER(*strptr);
559: strptr++;
560: }
561:
562: /* Does the URL contain a full domain name? This also works for a
563: numerical host name. The domain name is already made lower-case
564: and without a trailing dot. */
565: if ((strptr = strchr(host, '.')) == NULL || strptr >= path) {
566: CONST char *domain = HTGetDomainName();
567: if (domain) {
568: if ((new = (char *) calloc(1, strlen(*filename) +
569: strlen(domain)+2)) == NULL)
570: outofmem(__FILE__, "HTCanon");
571: if (port)
572: strncpy(new, *filename, (int) (port-*filename));
573: else
574: strncpy(new, *filename, (int) (path-*filename));
575: strcat(new, ".");
576: strcat(new, domain);
577: }
578: } else { /* Look for a trailing dot */
579: char *dot = port ? port : path;
580: if (dot > *filename && *--dot=='.') {
581: char *orig=dot, *dest=dot+1;
582: while((*orig++ = *dest++));
583: if (port) port--;
584: path--;
585: }
586: }
587:
2.31.2.1! frystyk 588: #if 1
! 589: /* Chop off port if `:', `:80' (http), `:70' (gopher), or `:21' (ftp) */
! 590: if (port) {
! 591: if (!*(port+1) || *(port+1)=='/') {
! 592: if (!new) {
! 593: char *orig=port, *dest=port+1;
! 594: while((*orig++ = *dest++));
! 595: }
! 596: } else if ((!strncmp(access, "http", 4) &&
! 597: (*(port+1)=='8'&&*(port+2)=='0'&&(*(port+3)=='/'||!*(port+3)))) ||
! 598: (!strncmp(access, "gopher", 6) &&
! 599: (*(port+1)=='7'&&*(port+2)=='0'&&(*(port+3)=='/'||!*(port+3)))) ||
! 600: (!strncmp(access, "ftp", 3) &&
! 601: (*(port+1)=='2'&&*(port+2)=='1'&&(*(port+3)=='/'||!*(port+3))))) {
! 602: if (!new) {
! 603: char *orig=port, *dest=port+3;
! 604: while((*orig++ = *dest++));
! 605: path -= 3; /* Update path position, Henry Minsky */
! 606: }
! 607: } else if (new)
! 608: strncat(new, port, (int) (path-port));
! 609: }
! 610: #else
2.31 frystyk 611: /* Chop off port if `:80' (http), `:70' (gopher), or `:21' (ftp) */
612: if (port) {
613: if ((*(port+1)=='8' && *(port+2)=='0' &&
614: (*(port+3)=='/' || !*(port+3))) ||
615: (*(port+1)=='2' && *(port+2)=='1' &&
616: (*(port+3)=='/' || !*(port+3))) ||
617: (*(port+1)=='7' && *(port+2)=='0' &&
618: (*(port+3)=='/' || !*(port+3)))) {
619: if (!new) {
620: char *orig=port, *dest=port+3;
621: while((*orig++ = *dest++));
622: }
623: } else if (new)
624: strncat(new, port, (int) (path-port));
625: }
2.31.2.1! frystyk 626: #endif
2.31 frystyk 627: if (new) {
628: char *newpath = new+strlen(new);
629: strcat(new, path);
630: path = newpath;
631: free(*filename); /* Free old copy */
632: *filename = new;
633: }
634: return path;
635: }
636:
637:
2.6 timbl 638: /* Escape undesirable characters using % HTEscape()
639: ** -------------------------------------
640: **
641: ** This function takes a pointer to a string in which
642: ** some characters may be unacceptable unescaped.
643: ** It returns a string which has these characters
644: ** represented by a '%' character followed by two hex digits.
645: **
2.20 timbl 646: ** In the tradition of being conservative in what you do and liberal
647: ** in what you accept, we encode some characters which in fact are
648: ** allowed in URLs unencoded -- so DON'T use the table below for
649: ** parsing!
650: **
2.6 timbl 651: ** Unlike HTUnEscape(), this routine returns a malloced string.
2.20 timbl 652: **
2.6 timbl 653: */
654:
2.20 timbl 655: /* Not BOTH static AND const at the same time in gcc :-(, Henrik 18/03-94
656: ** code gen error in gcc when making random access to
657: ** static const table(!!) */
2.19 frystyk 658: /* PRIVATE CONST unsigned char isAcceptable[96] = */
659: PRIVATE unsigned char isAcceptable[96] =
2.6 timbl 660:
2.20 timbl 661: /* Overencodes */
2.6 timbl 662: /* Bit 0 xalpha -- see HTFile.h
663: ** Bit 1 xpalpha -- as xalpha but with plus.
2.20 timbl 664: ** Bit 2 ... path -- as xpalpha but with /
2.6 timbl 665: */
666: /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
667: { 0,0,0,0,0,0,0,0,0,0,7,6,0,7,7,4, /* 2x !"#$%&'()*+,-./ */
668: 7,7,7,7,7,7,7,7,7,7,0,0,0,0,0,0, /* 3x 0123456789:;<=>? */
669: 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, /* 4x @ABCDEFGHIJKLMNO */
670: 7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,7, /* 5X PQRSTUVWXYZ[\]^_ */
671: 0,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, /* 6x `abcdefghijklmno */
672: 7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,0 }; /* 7X pqrstuvwxyz{\}~ DEL */
673:
674: PRIVATE char *hex = "0123456789ABCDEF";
675:
2.8 timbl 676: PUBLIC char * HTEscape ARGS2 (CONST char *, str,
2.6 timbl 677: unsigned char, mask)
678: {
679: #define ACCEPTABLE(a) ( a>=32 && a<128 && ((isAcceptable[a-32]) & mask))
680: CONST char * p;
681: char * q;
682: char * result;
683: int unacceptable = 0;
684: for(p=str; *p; p++)
685: if (!ACCEPTABLE((unsigned char)TOASCII(*p)))
686: unacceptable++;
687: result = (char *) malloc(p-str + unacceptable+ unacceptable + 1);
688: if (result == NULL) outofmem(__FILE__, "HTEscape");
689: for(q=result, p=str; *p; p++) {
690: unsigned char a = TOASCII(*p);
691: if (!ACCEPTABLE(a)) {
692: *q++ = HEX_ESCAPE; /* Means hex commming */
693: *q++ = hex[a >> 4];
694: *q++ = hex[a & 15];
695: }
696: else *q++ = *p;
697: }
698: *q++ = 0; /* Terminate */
699: return result;
700: }
701:
702:
2.1 timbl 703: /* Decode %xx escaped characters HTUnEscape()
704: ** -----------------------------
705: **
706: ** This function takes a pointer to a string in which some
707: ** characters may have been encoded in %xy form, where xy is
708: ** the acsii hex code for character 16x+y.
709: ** The string is converted in place, as it will never grow.
710: */
711:
712: PRIVATE char from_hex ARGS1(char, c)
713: {
2.6 timbl 714: return c >= '0' && c <= '9' ? c - '0'
715: : c >= 'A' && c <= 'F'? c - 'A' + 10
716: : c - 'a' + 10; /* accept small letters just in case */
2.1 timbl 717: }
718:
719: PUBLIC char * HTUnEscape ARGS1( char *, str)
720: {
721: char * p = str;
722: char * q = str;
2.25 frystyk 723:
724: if (!str) { /* Just for safety ;-) */
2.31 frystyk 725: if (URI_TRACE)
2.25 frystyk 726: fprintf(stderr, "HTUnEscape.. Called with NULL argument.\n");
727: return "";
728: }
2.1 timbl 729: while(*p) {
2.6 timbl 730: if (*p == HEX_ESCAPE) {
2.1 timbl 731: p++;
732: if (*p) *q = from_hex(*p++) * 16;
733: if (*p) *q = FROMASCII(*q + from_hex(*p++));
734: q++;
735: } else {
736: *q++ = *p++;
737: }
738: }
739:
740: *q++ = 0;
741: return str;
742:
743: } /* HTUnEscape */
744:
745:
2.24 luotonen 746: /* HTCleanTelnetString()
747: * Make sure that the given string doesn't contain characters that
748: * could cause security holes, such as newlines in ftp, gopher,
749: * news or telnet URLs; more specifically: allows everything between
2.26 frystyk 750: * ASCII 20-7E, and also A0-FE, inclusive. Also TAB ('\t') allowed!
2.24 luotonen 751: *
752: * On entry,
753: * str the string that is *modified* if necessary. The
754: * string will be truncated at the first illegal
755: * character that is encountered.
756: * On exit,
757: * returns YES, if the string was modified.
758: * NO, otherwise.
759: */
760: PUBLIC BOOL HTCleanTelnetString ARGS1(char *, str)
761: {
762: char * cur = str;
763:
764: if (!str) return NO;
765:
766: while (*cur) {
767: int a = TOASCII(*cur);
2.26 frystyk 768: if (a != 0x9 && (a < 0x20 || (a > 0x7E && a < 0xA0) || a > 0xFE)) {
2.31 frystyk 769: if (URI_TRACE)
770: fprintf(stderr, "Illegal..... character in URL: \"%s\"\n",str);
2.24 luotonen 771: *cur = 0;
2.31 frystyk 772: if (URI_TRACE)
773: fprintf(stderr, "Truncated... \"%s\"\n",str);
2.24 luotonen 774: return YES;
775: }
776: cur++;
777: }
778: return NO;
779: }
780:
Webmaster