Annotation of libwww/Library/src/HTParse.c, revision 2.33
1.1 timbl 1: /* Parse HyperText Document Address HTParse.c
2: ** ================================
2.26 frystyk 3: **
4: ** history:
5: ** May 12 94 TAB added as legal char in HTCleanTelnetString
6: **
1.1 timbl 7: */
2.31 frystyk 8:
1.1 timbl 9: #include "HTUtils.h"
2.31 frystyk 10: #include "HTTCP.h"
1.1 timbl 11: #include "HTParse.h"
12:
2.6 timbl 13: #define HEX_ESCAPE '%'
14:
1.1 timbl 15: struct struct_parts {
2.20 timbl 16: char * access; /* Now known as "scheme" */
1.1 timbl 17: char * host;
18: char * absolute;
19: char * relative;
20: /* char * search; no - treated as part of path */
21: char * anchor;
22: };
23:
24: /* Strip white space off a string
25: ** ------------------------------
26: **
27: ** On exit,
28: ** Return value points to first non-white character, or to 0 if none.
29: ** All trailing white space is OVERWRITTEN with zero.
30: */
31:
2.13 luotonen 32: PUBLIC char * HTStrip ARGS1(char *, s)
1.1 timbl 33: {
34: #define SPACE(c) ((c==' ')||(c=='\t')||(c=='\n'))
35: char * p=s;
2.13 luotonen 36: if (!s) return NULL; /* Doesn't dump core if NULL */
37: for(p=s;*p;p++); /* Find end of string */
1.1 timbl 38: for(p--;p>=s;p--) {
39: if(SPACE(*p)) *p=0; /* Zap trailing blanks */
40: else break;
41: }
42: while(SPACE(*s))s++; /* Strip leading blanks */
43: return s;
44: }
45:
46:
47: /* Scan a filename for its consituents
48: ** -----------------------------------
49: **
50: ** On entry,
51: ** name points to a document name which may be incomplete.
52: ** On exit,
53: ** absolute or relative may be nonzero (but not both).
54: ** host, anchor and access may be nonzero if they were specified.
55: ** Any which are nonzero point to zero terminated strings.
56: */
2.32 frystyk 57: PRIVATE void scan ARGS2(char *, name, struct struct_parts *, parts)
1.1 timbl 58: {
59: char * after_access;
60: char * p;
61: int length = strlen(name);
62:
63: parts->access = 0;
64: parts->host = 0;
65: parts->absolute = 0;
66: parts->relative = 0;
67: parts->anchor = 0;
68:
69: after_access = name;
70: for(p=name; *p; p++) {
71: if (*p==':') {
72: *p = 0;
2.20 timbl 73: parts->access = after_access; /* Scheme has been specified */
1.1 timbl 74: after_access = p+1;
2.22 luotonen 75: if (0==strcasecomp("URL", parts->access)) {
2.20 timbl 76: parts->access = NULL; /* Ignore IETF's URL: pre-prefix */
77: } else break;
1.1 timbl 78: }
2.20 timbl 79: if (*p=='/') break; /* Access has not been specified */
1.1 timbl 80: if (*p=='#') break;
81: }
82:
83: for(p=name+length-1; p>=name; p--) {
84: if (*p =='#') {
85: parts->anchor=p+1;
86: *p=0; /* terminate the rest */
87: }
88: }
89: p = after_access;
90: if (*p=='/'){
91: if (p[1]=='/') {
92: parts->host = p+2; /* host has been specified */
93: *p=0; /* Terminate access */
94: p=strchr(parts->host,'/'); /* look for end of host name if any */
95: if(p) {
96: *p=0; /* Terminate host */
97: parts->absolute = p+1; /* Root has been found */
98: }
99: } else {
100: parts->absolute = p+1; /* Root found but no host */
101: }
102: } else {
103: parts->relative = (*after_access) ? after_access : 0; /* zero for "" */
104: }
105:
2.16 timbl 106: #ifdef OLD_CODE
1.1 timbl 107: /* Access specified but no host: the anchor was not really one
2.16 timbl 108: e.g. news:j462#36487@foo.bar -- JFG 10/jul/92, from bug report */
109: /* This kludge doesn't work for example when coming across
110: file:/usr/local/www/fred#123
111: which loses its anchor. Correct approach in news is to
112: escape weird characters not allowed in URL. TBL 21/dec/93
113: */
1.1 timbl 114: if (parts->access && ! parts->host && parts->anchor) {
115: *(parts->anchor - 1) = '#'; /* Restore the '#' in the address */
116: parts->anchor = 0;
117: }
2.16 timbl 118: #endif
1.1 timbl 119:
120: #ifdef NOT_DEFINED /* search is just treated as part of path */
121: {
122: char *p = relative ? relative : absolute;
123: if (p) {
124: char * q = strchr(p, '?'); /* Any search string? */
125: if (q) {
126: *q = 0; /* If so, chop that off. */
127: parts->search = q+1;
128: }
129: }
130: }
131: #endif
132: } /*scan */
133:
134:
135: /* Parse a Name relative to another name
136: ** -------------------------------------
137: **
138: ** This returns those parts of a name which are given (and requested)
139: ** substituting bits from the related name where necessary.
140: **
141: ** On entry,
142: ** aName A filename given
2.33 ! howcome 143: ** relatedName A name relative to which aName is to be parsed. Give
! 144: ** it an empty string if aName is absolute.
1.1 timbl 145: ** wanted A mask for the bits which are wanted.
146: **
147: ** On exit,
148: ** returns A pointer to a malloc'd string which MUST BE FREED
149: */
2.32 frystyk 150: char * HTParse ARGS3(CONST char *, aName, CONST char *, relatedName,
151: int, wanted)
1.1 timbl 152: {
153: char * result = 0;
154: char * return_value = 0;
155: int len;
156: char * name = 0;
157: char * rel = 0;
158: char * p;
2.12 timbl 159: char * access;
1.1 timbl 160: struct struct_parts given, related;
2.33 ! howcome 161:
! 162: if (!relatedName) /* HWL 23/8/94: dont dump due to NULL */
! 163: relatedName = "";
1.1 timbl 164:
165: /* Make working copies of input strings to cut up:
166: */
167: len = strlen(aName)+strlen(relatedName)+10;
168: result=(char *)malloc(len); /* Lots of space: more than enough */
169: if (result == NULL) outofmem(__FILE__, "HTParse");
170:
171: StrAllocCopy(name, aName);
172: StrAllocCopy(rel, relatedName);
173:
174: scan(name, &given);
175: scan(rel, &related);
176: result[0]=0; /* Clear string */
2.12 timbl 177: access = given.access ? given.access : related.access;
1.1 timbl 178: if (wanted & PARSE_ACCESS)
2.12 timbl 179: if (access) {
180: strcat(result, access);
1.1 timbl 181: if(wanted & PARSE_PUNCTUATION) strcat(result, ":");
182: }
183:
184: if (given.access && related.access) /* If different, inherit nothing. */
185: if (strcmp(given.access, related.access)!=0) {
186: related.host=0;
187: related.absolute=0;
188: related.relative=0;
189: related.anchor=0;
190: }
191:
192: if (wanted & PARSE_HOST)
193: if(given.host || related.host) {
194: if(wanted & PARSE_PUNCTUATION) strcat(result, "//");
195: strcat(result, given.host ? given.host : related.host);
2.31 frystyk 196: #if 0
197: /* This is now done in HTCanon */
2.12 timbl 198: #define CLEAN_URLS
2.31 frystyk 199: #endif
2.12 timbl 200: #ifdef CLEAN_URLS
201: /* Ignore default port numbers, and trailing dots on FQDNs
202: which will only cause identical adreesses to look different */
203: {
2.31 frystyk 204: char *tail = result + strlen(result);
205: char *p = strchr(tail, ':');
2.12 timbl 206: if (p && access) { /* Port specified */
207: if ( ( strcmp(access, "http") == 0
208: && strcmp(p, ":80") == 0 )
209: ||
210: ( strcmp(access, "gopher") == 0
211: && strcmp(p, ":70") == 0 )
212: )
213: *p = (char)0; /* It is the default: ignore it */
214: }
215: if (!p) p = tail + strlen(tail); /* After hostname */
2.21 frystyk 216: if (*p) { /* Henrik 17/04-94 */
217: p--; /* End of hostname */
218: if (*p == '.') *p = (char)0; /* chop final . */
219: }
2.12 timbl 220: }
221: #endif
1.1 timbl 222: }
223:
224: if (given.host && related.host) /* If different hosts, inherit no path. */
225: if (strcmp(given.host, related.host)!=0) {
226: related.absolute=0;
227: related.relative=0;
228: related.anchor=0;
229: }
230:
231: if (wanted & PARSE_PATH) {
232: if(given.absolute) { /* All is given */
233: if(wanted & PARSE_PUNCTUATION) strcat(result, "/");
234: strcat(result, given.absolute);
235: } else if(related.absolute) { /* Adopt path not name */
236: strcat(result, "/");
237: strcat(result, related.absolute);
238: if (given.relative) {
239: p = strchr(result, '?'); /* Search part? */
240: if (!p) p=result+strlen(result)-1;
241: for (; *p!='/'; p--); /* last / */
242: p[1]=0; /* Remove filename */
243: strcat(result, given.relative); /* Add given one */
2.31 frystyk 244: result = HTSimplify (result);
1.1 timbl 245: }
246: } else if(given.relative) {
247: strcat(result, given.relative); /* what we've got */
248: } else if(related.relative) {
249: strcat(result, related.relative);
250: } else { /* No inheritance */
251: strcat(result, "/");
252: }
253: }
254:
255: if (wanted & PARSE_ANCHOR)
256: if(given.anchor || related.anchor) {
257: if(wanted & PARSE_PUNCTUATION) strcat(result, "#");
258: strcat(result, given.anchor ? given.anchor : related.anchor);
259: }
260: free(rel);
261: free(name);
262:
263: StrAllocCopy(return_value, result);
264: free(result);
265: return return_value; /* exactly the right length */
266: }
267:
2.11 timbl 268:
2.21 frystyk 269: #if 0 /* NOT USED FOR THE MOMENT */
2.15 luotonen 270: /*
271: ** As strcpy() but guaranteed to work correctly
272: ** with overlapping parameters. AL 7 Feb 1994
273: */
274: PRIVATE void ari_strcpy ARGS2(char *, to,
275: char *, from)
276: {
277: char * tmp;
278:
279: if (!to || !from) return;
280:
281: tmp = (char*)malloc(strlen(from)+1);
282: if (!tmp) outofmem(__FILE__, "my_strcpy");
283:
284: strcpy(tmp, from);
285: strcpy(to, tmp);
286: free(tmp);
287: }
2.21 frystyk 288: #endif
289:
2.20 timbl 290:
291: /* Simplify a URI
292: // --------------
293: // A URI is allowed to contain the seqeunce xxx/../ which may be
1.1 timbl 294: // replaced by "" , and the seqeunce "/./" which may be replaced by "/".
2.20 timbl 295: // Simplification helps us recognize duplicate URIs.
1.1 timbl 296: //
297: // Thus, /etc/junk/../fred becomes /etc/fred
298: // /etc/junk/./fred becomes /etc/junk/fred
2.11 timbl 299: //
300: // but we should NOT change
301: // http://fred.xxx.edu/../..
302: //
303: // or ../../albert.html
2.26 frystyk 304: //
305: // In the same manner, the following prefixed are preserved:
306: //
307: // ./<etc>
308: // //<etc>
309: //
310: // In order to avoid empty URLs the following URLs become:
311: //
312: // /fred/.. becomes /fred/..
313: // /fred/././.. becomes /fred/..
2.27 frystyk 314: // /fred/.././junk/.././ becomes /fred/..
2.26 frystyk 315: //
2.30 frystyk 316: // If more than one set of `://' is found (several proxies in cascade) then
317: // only the part after the last `://' is simplified.
1.1 timbl 318: */
2.31 frystyk 319: PUBLIC char *HTSimplify ARGS1(char *, filename)
1.1 timbl 320: {
2.31 frystyk 321: char *path;
322: char *p;
2.19 frystyk 323:
2.31 frystyk 324: if (!filename) {
325: if (URI_TRACE)
326: fprintf(stderr, "HTSimplify.. Bad argument\n");
327: return filename;
328: }
329: if (URI_TRACE)
2.27 frystyk 330: fprintf(stderr, "HTSimplify.. `%s\' ", filename);
331:
2.31 frystyk 332: if ((path = strstr(filename, "://")) != NULL) { /* Find host name */
2.30 frystyk 333: char *newptr;
2.31 frystyk 334: path += 3;
335: while ((newptr = strstr(path, "://")) != NULL)
336: path = newptr+3;
337: path = HTCanon(&filename, path); /* We have a host name */
338: } else if ((path = strstr(filename, ":/")) != NULL) {
339: path += 2;
2.27 frystyk 340: } else
2.31 frystyk 341: path = filename;
342: if (*path == '/' && *(path+1)=='/') { /* Some URLs start //<foo> */
343: path += 1;
344: } else if (!strncmp(path, "news:", 5)) { /* Make group lower case */
345: char *group = path+5;
346: while (*group && *group!='@' && *group!='/') {
347: *group = TOLOWER(*group);
348: group++;
349: }
350: if (URI_TRACE)
351: fprintf(stderr, "into\n............ `%s'\n", filename);
352: return filename; /* Doesn't need to do any more */
353: }
354: if ((p = path)) {
355: int segments = 0;
356:
357: /* Parse string first time to find number of `real' tokens */
358: while (*p) {
359: if (*p=='/' || p==path) {
360: if (!((*(p+1)=='/' || !*(p+1)) ||
361: (*(p+1)=='.' && (*(p+2)=='/' || !*(p+2))) ||
362: (*(p+1)=='.' && *(p+2)=='.' &&(*(p+3)=='/' || !*(p+3)))))
363: segments++;
364: }
365: p++;
366: }
2.19 frystyk 367:
2.31 frystyk 368: /* Parse string second time to simplify */
369: p = path;
370: while(*p) {
371: if (*p=='/') {
372: if (p>path && *(p+1)=='.' && (*(p+2)=='/' || !*(p+2))) {
373: char *orig=p, *dest=p+2;
374: while ((*orig++ = *dest++)); /* Remove a slash and a dot */
375: p--;
376: } else if (segments>1 && *(p+1)=='.' && *(p+2)=='.' &&
377: (*(p+3)=='/' || !*(p+3))) {
378: char *q = p;
379: while (q>path && *--q!='/'); /* prev slash */
380: if (strncmp(q, "/../", 4) && strncmp(q, "/./", 3) &&
381: strncmp(q, "./", 2)) {
382: char *orig=q, *dest=p+3;
383: if (*q!='/') dest++;
384: while ((*orig++ = *dest++)); /* Remove /xxx/.. */
385: segments--;
386: p = q-1; /* Start again with prev slash */
387: } else
388: p++;
389: } else if (*(p+1)=='/') {
390: while (*(p+1)=='/') {
391: char *orig=p, *dest=p+1;
392: while ((*orig++ = *dest++)); /* Remove multiple /'s */
2.19 frystyk 393: }
394: }
395: }
2.31 frystyk 396: p++;
397: } /* end while (*p) */
2.19 frystyk 398: }
2.31 frystyk 399: if (URI_TRACE)
2.27 frystyk 400: fprintf(stderr, "into\n............ `%s'\n", filename);
2.31 frystyk 401: return filename;
2.19 frystyk 402: }
2.31 frystyk 403:
2.19 frystyk 404: #ifdef OLD_CODE
2.17 frystyk 405: char * p = filename;
1.1 timbl 406: char * q;
2.17 frystyk 407:
408: if (p) {
409: while (*p && (*p == '/' || *p == '.')) /* Pass starting / or .'s */
410: p++;
411: while(*p) {
412: if (*p=='/') {
1.1 timbl 413: if ((p[1]=='.') && (p[2]=='.') && (p[3]=='/' || !p[3] )) {
2.11 timbl 414: for (q=p-1; (q>=filename) && (*q!='/'); q--); /* prev slash */
415: if (q[0]=='/' && 0!=strncmp(q, "/../", 4)
416: &&!(q-1>filename && q[-1]=='/')) {
2.15 luotonen 417: ari_strcpy(q, p+3); /* Remove /xxx/.. */
1.1 timbl 418: if (!*filename) strcpy(filename, "/");
419: p = q-1; /* Start again with prev slash */
2.11 timbl 420: } else { /* xxx/.. leave it! */
2.9 timbl 421: #ifdef BUG_CODE
2.15 luotonen 422: ari_strcpy(filename, p[3] ? p+4 : p+3); /* rm xxx/../ */
1.1 timbl 423: p = filename; /* Start again */
2.9 timbl 424: #endif
1.1 timbl 425: }
426: } else if ((p[1]=='.') && (p[2]=='/' || !p[2])) {
2.15 luotonen 427: ari_strcpy(p, p+2); /* Remove a slash and a dot */
2.13 luotonen 428: } else if (p[-1] != ':') {
429: while (p[1] == '/') {
2.15 luotonen 430: ari_strcpy(p, p+1); /* Remove multiple slashes */
2.13 luotonen 431: }
1.1 timbl 432: }
2.17 frystyk 433: }
434: p++;
435: } /* end while (*p) */
436: } /* end if (p) */
1.1 timbl 437: }
2.19 frystyk 438: #endif /* OLD_CODE */
1.1 timbl 439:
440:
441: /* Make Relative Name
442: ** ------------------
443: **
444: ** This function creates and returns a string which gives an expression of
445: ** one address as related to another. Where there is no relation, an absolute
446: ** address is retured.
447: **
448: ** On entry,
449: ** Both names must be absolute, fully qualified names of nodes
450: ** (no anchor bits)
451: **
452: ** On exit,
453: ** The return result points to a newly allocated name which, if
454: ** parsed by HTParse relative to relatedName, will yield aName.
455: ** The caller is responsible for freeing the resulting name later.
456: **
457: */
2.32 frystyk 458: char * HTRelative ARGS2(CONST char *, aName, CONST char *, relatedName)
1.1 timbl 459: {
460: char * result = 0;
461: CONST char *p = aName;
462: CONST char *q = relatedName;
463: CONST char * after_access = 0;
464: CONST char * path = 0;
465: CONST char * last_slash = 0;
466: int slashes = 0;
467:
468: for(;*p; p++, q++) { /* Find extent of match */
469: if (*p!=*q) break;
470: if (*p==':') after_access = p+1;
471: if (*p=='/') {
472: last_slash = p;
473: slashes++;
474: if (slashes==3) path=p;
475: }
476: }
477:
478: /* q, p point to the first non-matching character or zero */
479:
480: if (!after_access) { /* Different access */
481: StrAllocCopy(result, aName);
482: } else if (slashes<3){ /* Different nodes */
483: StrAllocCopy(result, after_access);
2.29 frystyk 484: #if 0 /* Henrik */
1.1 timbl 485: } else if (slashes==3){ /* Same node, different path */
486: StrAllocCopy(result, path);
2.21 frystyk 487: #endif
1.1 timbl 488: } else { /* Some path in common */
489: int levels= 0;
490: for(; *q && (*q!='#'); q++) if (*q=='/') levels++;
491: result = (char *)malloc(3*levels + strlen(last_slash) + 1);
492: if (result == NULL) outofmem(__FILE__, "HTRelative");
493: result[0]=0;
494: for(;levels; levels--)strcat(result, "../");
495: strcat(result, last_slash+1);
496: }
2.31 frystyk 497: if (URI_TRACE) fprintf(stderr,
2.21 frystyk 498: "HTRelative.. `%s' expressed relative to `%s' is `%s'\n",
499: aName, relatedName, result);
1.1 timbl 500: return result;
501: }
2.1 timbl 502:
503:
2.31 frystyk 504: /* HTCanon
505: **
506: ** Canonicalizes the URL in the following manner starting from the host
507: ** pointer:
508: **
509: ** 1) The host name is converted to lowercase
510: ** 2) Expands the host name of the URL from a local name to a full
511: ** domain name. A host name is started by `://'.
512: ** 3) The default port indication :80, :70, and :21 for are stripped
513: **
514: ** Return: OK The position of the current path part of the URL
515: */
516: PUBLIC char *HTCanon ARGS2 (char **, filename, char *, host)
517: {
2.32 frystyk 518: char *newname = NULL;
2.31 frystyk 519: char *port;
520: char *strptr;
521: char *path;
522:
523: if ((path = strchr(host, '/')) == NULL) /* Find path */
524: path = host + strlen(host);
525: if ((strptr = strchr(host, '@')) != NULL && strptr<path) /* UserId */
526: host = strptr;
527: port = strchr(host, ':'); /* Port number */
528:
529: strptr = host; /* Convert to lower-case */
530: while (strptr<path) {
531: *strptr = TOLOWER(*strptr);
532: strptr++;
533: }
534:
535: /* Does the URL contain a full domain name? This also works for a
536: numerical host name. The domain name is already made lower-case
537: and without a trailing dot. */
538: if ((strptr = strchr(host, '.')) == NULL || strptr >= path) {
539: CONST char *domain = HTGetDomainName();
540: if (domain) {
2.32 frystyk 541: if ((newname = (char *) calloc(1, strlen(*filename) +
2.31 frystyk 542: strlen(domain)+2)) == NULL)
543: outofmem(__FILE__, "HTCanon");
544: if (port)
2.32 frystyk 545: strncpy(newname, *filename, (int) (port-*filename));
2.31 frystyk 546: else
2.32 frystyk 547: strncpy(newname, *filename, (int) (path-*filename));
548: strcat(newname, ".");
549: strcat(newname, domain);
2.31 frystyk 550: }
551: } else { /* Look for a trailing dot */
552: char *dot = port ? port : path;
553: if (dot > *filename && *--dot=='.') {
554: char *orig=dot, *dest=dot+1;
555: while((*orig++ = *dest++));
556: if (port) port--;
557: path--;
558: }
559: }
560:
561: /* Chop off port if `:80' (http), `:70' (gopher), or `:21' (ftp) */
562: if (port) {
563: if ((*(port+1)=='8' && *(port+2)=='0' &&
564: (*(port+3)=='/' || !*(port+3))) ||
565: (*(port+1)=='2' && *(port+2)=='1' &&
566: (*(port+3)=='/' || !*(port+3))) ||
567: (*(port+1)=='7' && *(port+2)=='0' &&
568: (*(port+3)=='/' || !*(port+3)))) {
2.32 frystyk 569: if (!newname) {
2.31 frystyk 570: char *orig=port, *dest=port+3;
571: while((*orig++ = *dest++));
572: }
2.32 frystyk 573: } else if (newname)
574: strncat(newname, port, (int) (path-port));
2.31 frystyk 575: }
2.32 frystyk 576: if (newname) {
577: char *newpath = newname+strlen(newname);
578: strcat(newname, path);
2.31 frystyk 579: path = newpath;
580: free(*filename); /* Free old copy */
2.32 frystyk 581: *filename = newname;
2.31 frystyk 582: }
583: return path;
584: }
585:
586:
2.6 timbl 587: /* Escape undesirable characters using % HTEscape()
588: ** -------------------------------------
589: **
590: ** This function takes a pointer to a string in which
591: ** some characters may be unacceptable unescaped.
592: ** It returns a string which has these characters
593: ** represented by a '%' character followed by two hex digits.
594: **
2.20 timbl 595: ** In the tradition of being conservative in what you do and liberal
596: ** in what you accept, we encode some characters which in fact are
597: ** allowed in URLs unencoded -- so DON'T use the table below for
598: ** parsing!
599: **
2.6 timbl 600: ** Unlike HTUnEscape(), this routine returns a malloced string.
2.20 timbl 601: **
2.6 timbl 602: */
603:
2.20 timbl 604: /* Not BOTH static AND const at the same time in gcc :-(, Henrik 18/03-94
605: ** code gen error in gcc when making random access to
606: ** static const table(!!) */
2.19 frystyk 607: /* PRIVATE CONST unsigned char isAcceptable[96] = */
608: PRIVATE unsigned char isAcceptable[96] =
2.6 timbl 609:
2.20 timbl 610: /* Overencodes */
2.6 timbl 611: /* Bit 0 xalpha -- see HTFile.h
612: ** Bit 1 xpalpha -- as xalpha but with plus.
2.20 timbl 613: ** Bit 2 ... path -- as xpalpha but with /
2.6 timbl 614: */
615: /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
616: { 0,0,0,0,0,0,0,0,0,0,7,6,0,7,7,4, /* 2x !"#$%&'()*+,-./ */
617: 7,7,7,7,7,7,7,7,7,7,0,0,0,0,0,0, /* 3x 0123456789:;<=>? */
618: 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, /* 4x @ABCDEFGHIJKLMNO */
619: 7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,7, /* 5X PQRSTUVWXYZ[\]^_ */
620: 0,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, /* 6x `abcdefghijklmno */
621: 7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,0 }; /* 7X pqrstuvwxyz{\}~ DEL */
622:
623: PRIVATE char *hex = "0123456789ABCDEF";
624:
2.8 timbl 625: PUBLIC char * HTEscape ARGS2 (CONST char *, str,
2.6 timbl 626: unsigned char, mask)
627: {
628: #define ACCEPTABLE(a) ( a>=32 && a<128 && ((isAcceptable[a-32]) & mask))
629: CONST char * p;
630: char * q;
631: char * result;
632: int unacceptable = 0;
633: for(p=str; *p; p++)
634: if (!ACCEPTABLE((unsigned char)TOASCII(*p)))
635: unacceptable++;
636: result = (char *) malloc(p-str + unacceptable+ unacceptable + 1);
637: if (result == NULL) outofmem(__FILE__, "HTEscape");
638: for(q=result, p=str; *p; p++) {
639: unsigned char a = TOASCII(*p);
640: if (!ACCEPTABLE(a)) {
641: *q++ = HEX_ESCAPE; /* Means hex commming */
642: *q++ = hex[a >> 4];
643: *q++ = hex[a & 15];
644: }
645: else *q++ = *p;
646: }
647: *q++ = 0; /* Terminate */
648: return result;
649: }
650:
651:
2.1 timbl 652: /* Decode %xx escaped characters HTUnEscape()
653: ** -----------------------------
654: **
655: ** This function takes a pointer to a string in which some
656: ** characters may have been encoded in %xy form, where xy is
657: ** the acsii hex code for character 16x+y.
658: ** The string is converted in place, as it will never grow.
659: */
660:
661: PRIVATE char from_hex ARGS1(char, c)
662: {
2.6 timbl 663: return c >= '0' && c <= '9' ? c - '0'
664: : c >= 'A' && c <= 'F'? c - 'A' + 10
665: : c - 'a' + 10; /* accept small letters just in case */
2.1 timbl 666: }
667:
668: PUBLIC char * HTUnEscape ARGS1( char *, str)
669: {
670: char * p = str;
671: char * q = str;
2.25 frystyk 672:
673: if (!str) { /* Just for safety ;-) */
2.31 frystyk 674: if (URI_TRACE)
2.25 frystyk 675: fprintf(stderr, "HTUnEscape.. Called with NULL argument.\n");
676: return "";
677: }
2.1 timbl 678: while(*p) {
2.6 timbl 679: if (*p == HEX_ESCAPE) {
2.1 timbl 680: p++;
681: if (*p) *q = from_hex(*p++) * 16;
682: if (*p) *q = FROMASCII(*q + from_hex(*p++));
683: q++;
684: } else {
685: *q++ = *p++;
686: }
687: }
688:
689: *q++ = 0;
690: return str;
691:
692: } /* HTUnEscape */
693:
694:
2.24 luotonen 695: /* HTCleanTelnetString()
696: * Make sure that the given string doesn't contain characters that
697: * could cause security holes, such as newlines in ftp, gopher,
698: * news or telnet URLs; more specifically: allows everything between
2.26 frystyk 699: * ASCII 20-7E, and also A0-FE, inclusive. Also TAB ('\t') allowed!
2.24 luotonen 700: *
701: * On entry,
702: * str the string that is *modified* if necessary. The
703: * string will be truncated at the first illegal
704: * character that is encountered.
705: * On exit,
706: * returns YES, if the string was modified.
707: * NO, otherwise.
708: */
709: PUBLIC BOOL HTCleanTelnetString ARGS1(char *, str)
710: {
711: char * cur = str;
712:
713: if (!str) return NO;
714:
715: while (*cur) {
716: int a = TOASCII(*cur);
2.26 frystyk 717: if (a != 0x9 && (a < 0x20 || (a > 0x7E && a < 0xA0) || a > 0xFE)) {
2.31 frystyk 718: if (URI_TRACE)
719: fprintf(stderr, "Illegal..... character in URL: \"%s\"\n",str);
2.24 luotonen 720: *cur = 0;
2.31 frystyk 721: if (URI_TRACE)
722: fprintf(stderr, "Truncated... \"%s\"\n",str);
2.24 luotonen 723: return YES;
724: }
725: cur++;
726: }
727: return NO;
728: }
729:
Webmaster