Annotation of libwww/Library/src/HTParse.c, revision 2.37
1.1 timbl 1: /* Parse HyperText Document Address HTParse.c
2: ** ================================
2.26 frystyk 3: **
4: ** history:
5: ** May 12 94 TAB added as legal char in HTCleanTelnetString
6: **
1.1 timbl 7: */
2.31 frystyk 8:
1.1 timbl 9: #include "HTUtils.h"
2.31 frystyk 10: #include "HTTCP.h"
1.1 timbl 11: #include "HTParse.h"
12:
2.6 timbl 13: #define HEX_ESCAPE '%'
14:
1.1 timbl 15: struct struct_parts {
2.20 timbl 16: char * access; /* Now known as "scheme" */
1.1 timbl 17: char * host;
18: char * absolute;
19: char * relative;
20: /* char * search; no - treated as part of path */
21: char * anchor;
22: };
23:
24: /* Strip white space off a string
25: ** ------------------------------
26: **
27: ** On exit,
28: ** Return value points to first non-white character, or to 0 if none.
29: ** All trailing white space is OVERWRITTEN with zero.
30: */
31:
2.13 luotonen 32: PUBLIC char * HTStrip ARGS1(char *, s)
1.1 timbl 33: {
34: #define SPACE(c) ((c==' ')||(c=='\t')||(c=='\n'))
35: char * p=s;
2.13 luotonen 36: if (!s) return NULL; /* Doesn't dump core if NULL */
37: for(p=s;*p;p++); /* Find end of string */
1.1 timbl 38: for(p--;p>=s;p--) {
39: if(SPACE(*p)) *p=0; /* Zap trailing blanks */
40: else break;
41: }
42: while(SPACE(*s))s++; /* Strip leading blanks */
43: return s;
44: }
45:
46:
47: /* Scan a filename for its consituents
48: ** -----------------------------------
49: **
50: ** On entry,
51: ** name points to a document name which may be incomplete.
52: ** On exit,
53: ** absolute or relative may be nonzero (but not both).
54: ** host, anchor and access may be nonzero if they were specified.
55: ** Any which are nonzero point to zero terminated strings.
56: */
2.32 frystyk 57: PRIVATE void scan ARGS2(char *, name, struct struct_parts *, parts)
1.1 timbl 58: {
59: char * after_access;
60: char * p;
61: int length = strlen(name);
62:
63: parts->access = 0;
64: parts->host = 0;
65: parts->absolute = 0;
66: parts->relative = 0;
67: parts->anchor = 0;
68:
69: after_access = name;
70: for(p=name; *p; p++) {
71: if (*p==':') {
72: *p = 0;
2.20 timbl 73: parts->access = after_access; /* Scheme has been specified */
2.37 ! howcome 74:
1.1 timbl 75: after_access = p+1;
2.37 ! howcome 76:
! 77: /*
! 78: after_access = p;
! 79: while (*after_access == 0) /* HWL 15/10/94: weird bug on HP *//*
! 80: after_access++; /* after_access = p + 1 *//*
! 81: */
2.22 luotonen 82: if (0==strcasecomp("URL", parts->access)) {
2.20 timbl 83: parts->access = NULL; /* Ignore IETF's URL: pre-prefix */
84: } else break;
1.1 timbl 85: }
2.20 timbl 86: if (*p=='/') break; /* Access has not been specified */
1.1 timbl 87: if (*p=='#') break;
88: }
89:
90: for(p=name+length-1; p>=name; p--) {
91: if (*p =='#') {
92: parts->anchor=p+1;
93: *p=0; /* terminate the rest */
94: }
95: }
96: p = after_access;
97: if (*p=='/'){
98: if (p[1]=='/') {
99: parts->host = p+2; /* host has been specified */
100: *p=0; /* Terminate access */
101: p=strchr(parts->host,'/'); /* look for end of host name if any */
102: if(p) {
103: *p=0; /* Terminate host */
104: parts->absolute = p+1; /* Root has been found */
105: }
106: } else {
107: parts->absolute = p+1; /* Root found but no host */
108: }
109: } else {
110: parts->relative = (*after_access) ? after_access : 0; /* zero for "" */
111: }
112:
2.16 timbl 113: #ifdef OLD_CODE
1.1 timbl 114: /* Access specified but no host: the anchor was not really one
2.16 timbl 115: e.g. news:j462#36487@foo.bar -- JFG 10/jul/92, from bug report */
116: /* This kludge doesn't work for example when coming across
117: file:/usr/local/www/fred#123
118: which loses its anchor. Correct approach in news is to
119: escape weird characters not allowed in URL. TBL 21/dec/93
120: */
1.1 timbl 121: if (parts->access && ! parts->host && parts->anchor) {
122: *(parts->anchor - 1) = '#'; /* Restore the '#' in the address */
123: parts->anchor = 0;
124: }
2.16 timbl 125: #endif
1.1 timbl 126:
127: #ifdef NOT_DEFINED /* search is just treated as part of path */
128: {
129: char *p = relative ? relative : absolute;
130: if (p) {
131: char * q = strchr(p, '?'); /* Any search string? */
132: if (q) {
133: *q = 0; /* If so, chop that off. */
134: parts->search = q+1;
135: }
136: }
137: }
138: #endif
139: } /*scan */
140:
141:
142: /* Parse a Name relative to another name
143: ** -------------------------------------
144: **
145: ** This returns those parts of a name which are given (and requested)
146: ** substituting bits from the related name where necessary.
147: **
148: ** On entry,
149: ** aName A filename given
2.33 howcome 150: ** relatedName A name relative to which aName is to be parsed. Give
151: ** it an empty string if aName is absolute.
1.1 timbl 152: ** wanted A mask for the bits which are wanted.
153: **
154: ** On exit,
155: ** returns A pointer to a malloc'd string which MUST BE FREED
156: */
2.32 frystyk 157: char * HTParse ARGS3(CONST char *, aName, CONST char *, relatedName,
158: int, wanted)
1.1 timbl 159: {
160: char * result = 0;
161: char * return_value = 0;
162: int len;
163: char * name = 0;
164: char * rel = 0;
165: char * p;
2.12 timbl 166: char * access;
1.1 timbl 167: struct struct_parts given, related;
2.33 howcome 168:
169: if (!relatedName) /* HWL 23/8/94: dont dump due to NULL */
170: relatedName = "";
1.1 timbl 171:
172: /* Make working copies of input strings to cut up:
173: */
174: len = strlen(aName)+strlen(relatedName)+10;
175: result=(char *)malloc(len); /* Lots of space: more than enough */
176: if (result == NULL) outofmem(__FILE__, "HTParse");
177:
178: StrAllocCopy(name, aName);
179: StrAllocCopy(rel, relatedName);
180:
181: scan(name, &given);
182: scan(rel, &related);
183: result[0]=0; /* Clear string */
2.12 timbl 184: access = given.access ? given.access : related.access;
1.1 timbl 185: if (wanted & PARSE_ACCESS)
2.12 timbl 186: if (access) {
187: strcat(result, access);
1.1 timbl 188: if(wanted & PARSE_PUNCTUATION) strcat(result, ":");
189: }
190:
191: if (given.access && related.access) /* If different, inherit nothing. */
192: if (strcmp(given.access, related.access)!=0) {
193: related.host=0;
194: related.absolute=0;
195: related.relative=0;
196: related.anchor=0;
197: }
198:
199: if (wanted & PARSE_HOST)
200: if(given.host || related.host) {
201: if(wanted & PARSE_PUNCTUATION) strcat(result, "//");
202: strcat(result, given.host ? given.host : related.host);
203: }
204:
205: if (given.host && related.host) /* If different hosts, inherit no path. */
206: if (strcmp(given.host, related.host)!=0) {
207: related.absolute=0;
208: related.relative=0;
209: related.anchor=0;
210: }
211:
212: if (wanted & PARSE_PATH) {
213: if(given.absolute) { /* All is given */
214: if(wanted & PARSE_PUNCTUATION) strcat(result, "/");
215: strcat(result, given.absolute);
216: } else if(related.absolute) { /* Adopt path not name */
217: strcat(result, "/");
218: strcat(result, related.absolute);
219: if (given.relative) {
220: p = strchr(result, '?'); /* Search part? */
221: if (!p) p=result+strlen(result)-1;
222: for (; *p!='/'; p--); /* last / */
223: p[1]=0; /* Remove filename */
224: strcat(result, given.relative); /* Add given one */
2.31 frystyk 225: result = HTSimplify (result);
1.1 timbl 226: }
227: } else if(given.relative) {
228: strcat(result, given.relative); /* what we've got */
229: } else if(related.relative) {
230: strcat(result, related.relative);
231: } else { /* No inheritance */
232: strcat(result, "/");
233: }
234: }
235:
236: if (wanted & PARSE_ANCHOR)
237: if(given.anchor || related.anchor) {
238: if(wanted & PARSE_PUNCTUATION) strcat(result, "#");
239: strcat(result, given.anchor ? given.anchor : related.anchor);
240: }
241: free(rel);
242: free(name);
243:
244: StrAllocCopy(return_value, result);
245: free(result);
246: return return_value; /* exactly the right length */
247: }
248:
2.11 timbl 249:
2.21 frystyk 250: #if 0 /* NOT USED FOR THE MOMENT */
2.15 luotonen 251: /*
252: ** As strcpy() but guaranteed to work correctly
253: ** with overlapping parameters. AL 7 Feb 1994
254: */
255: PRIVATE void ari_strcpy ARGS2(char *, to,
256: char *, from)
257: {
258: char * tmp;
259:
260: if (!to || !from) return;
261:
262: tmp = (char*)malloc(strlen(from)+1);
263: if (!tmp) outofmem(__FILE__, "my_strcpy");
264:
265: strcpy(tmp, from);
266: strcpy(to, tmp);
267: free(tmp);
268: }
2.21 frystyk 269: #endif
270:
2.20 timbl 271:
272: /* Simplify a URI
273: // --------------
274: // A URI is allowed to contain the seqeunce xxx/../ which may be
1.1 timbl 275: // replaced by "" , and the seqeunce "/./" which may be replaced by "/".
2.20 timbl 276: // Simplification helps us recognize duplicate URIs.
1.1 timbl 277: //
278: // Thus, /etc/junk/../fred becomes /etc/fred
279: // /etc/junk/./fred becomes /etc/junk/fred
2.11 timbl 280: //
281: // but we should NOT change
282: // http://fred.xxx.edu/../..
283: //
284: // or ../../albert.html
2.26 frystyk 285: //
286: // In the same manner, the following prefixed are preserved:
287: //
288: // ./<etc>
289: // //<etc>
290: //
291: // In order to avoid empty URLs the following URLs become:
292: //
293: // /fred/.. becomes /fred/..
294: // /fred/././.. becomes /fred/..
2.27 frystyk 295: // /fred/.././junk/.././ becomes /fred/..
2.26 frystyk 296: //
2.30 frystyk 297: // If more than one set of `://' is found (several proxies in cascade) then
298: // only the part after the last `://' is simplified.
1.1 timbl 299: */
2.31 frystyk 300: PUBLIC char *HTSimplify ARGS1(char *, filename)
1.1 timbl 301: {
2.31 frystyk 302: char *path;
303: char *p;
2.19 frystyk 304:
2.31 frystyk 305: if (!filename) {
306: if (URI_TRACE)
307: fprintf(stderr, "HTSimplify.. Bad argument\n");
308: return filename;
309: }
310: if (URI_TRACE)
2.27 frystyk 311: fprintf(stderr, "HTSimplify.. `%s\' ", filename);
312:
2.31 frystyk 313: if ((path = strstr(filename, "://")) != NULL) { /* Find host name */
2.30 frystyk 314: char *newptr;
2.31 frystyk 315: path += 3;
316: while ((newptr = strstr(path, "://")) != NULL)
317: path = newptr+3;
318: path = HTCanon(&filename, path); /* We have a host name */
319: } else if ((path = strstr(filename, ":/")) != NULL) {
320: path += 2;
2.27 frystyk 321: } else
2.31 frystyk 322: path = filename;
323: if (*path == '/' && *(path+1)=='/') { /* Some URLs start //<foo> */
324: path += 1;
2.34 frystyk 325: } else if (!strncmp(path, "news:", 5)) {
326: char *ptr = strchr(path+5, '@');
327: if (!ptr) ptr = path+5;
328: while (*ptr) { /* Make group or host lower case */
329: *ptr = TOLOWER(*ptr);
330: ptr++;
2.31 frystyk 331: }
332: if (URI_TRACE)
333: fprintf(stderr, "into\n............ `%s'\n", filename);
334: return filename; /* Doesn't need to do any more */
335: }
336: if ((p = path)) {
337: int segments = 0;
338:
339: /* Parse string first time to find number of `real' tokens */
340: while (*p) {
341: if (*p=='/' || p==path) {
342: if (!((*(p+1)=='/' || !*(p+1)) ||
343: (*(p+1)=='.' && (*(p+2)=='/' || !*(p+2))) ||
344: (*(p+1)=='.' && *(p+2)=='.' &&(*(p+3)=='/' || !*(p+3)))))
345: segments++;
346: }
347: p++;
348: }
2.19 frystyk 349:
2.31 frystyk 350: /* Parse string second time to simplify */
351: p = path;
352: while(*p) {
353: if (*p=='/') {
354: if (p>path && *(p+1)=='.' && (*(p+2)=='/' || !*(p+2))) {
355: char *orig=p, *dest=p+2;
356: while ((*orig++ = *dest++)); /* Remove a slash and a dot */
357: p--;
358: } else if (segments>1 && *(p+1)=='.' && *(p+2)=='.' &&
359: (*(p+3)=='/' || !*(p+3))) {
360: char *q = p;
361: while (q>path && *--q!='/'); /* prev slash */
362: if (strncmp(q, "/../", 4) && strncmp(q, "/./", 3) &&
363: strncmp(q, "./", 2)) {
364: char *orig=q, *dest=p+3;
365: if (*q!='/') dest++;
366: while ((*orig++ = *dest++)); /* Remove /xxx/.. */
367: segments--;
368: p = q-1; /* Start again with prev slash */
369: } else
370: p++;
371: } else if (*(p+1)=='/') {
372: while (*(p+1)=='/') {
373: char *orig=p, *dest=p+1;
374: while ((*orig++ = *dest++)); /* Remove multiple /'s */
2.19 frystyk 375: }
376: }
377: }
2.31 frystyk 378: p++;
379: } /* end while (*p) */
2.19 frystyk 380: }
2.31 frystyk 381: if (URI_TRACE)
2.27 frystyk 382: fprintf(stderr, "into\n............ `%s'\n", filename);
2.31 frystyk 383: return filename;
2.19 frystyk 384: }
2.31 frystyk 385:
2.19 frystyk 386: #ifdef OLD_CODE
2.17 frystyk 387: char * p = filename;
1.1 timbl 388: char * q;
2.17 frystyk 389:
390: if (p) {
391: while (*p && (*p == '/' || *p == '.')) /* Pass starting / or .'s */
392: p++;
393: while(*p) {
394: if (*p=='/') {
1.1 timbl 395: if ((p[1]=='.') && (p[2]=='.') && (p[3]=='/' || !p[3] )) {
2.11 timbl 396: for (q=p-1; (q>=filename) && (*q!='/'); q--); /* prev slash */
397: if (q[0]=='/' && 0!=strncmp(q, "/../", 4)
398: &&!(q-1>filename && q[-1]=='/')) {
2.15 luotonen 399: ari_strcpy(q, p+3); /* Remove /xxx/.. */
1.1 timbl 400: if (!*filename) strcpy(filename, "/");
401: p = q-1; /* Start again with prev slash */
2.11 timbl 402: } else { /* xxx/.. leave it! */
2.9 timbl 403: #ifdef BUG_CODE
2.15 luotonen 404: ari_strcpy(filename, p[3] ? p+4 : p+3); /* rm xxx/../ */
1.1 timbl 405: p = filename; /* Start again */
2.9 timbl 406: #endif
1.1 timbl 407: }
408: } else if ((p[1]=='.') && (p[2]=='/' || !p[2])) {
2.15 luotonen 409: ari_strcpy(p, p+2); /* Remove a slash and a dot */
2.13 luotonen 410: } else if (p[-1] != ':') {
411: while (p[1] == '/') {
2.15 luotonen 412: ari_strcpy(p, p+1); /* Remove multiple slashes */
2.13 luotonen 413: }
1.1 timbl 414: }
2.17 frystyk 415: }
416: p++;
417: } /* end while (*p) */
418: } /* end if (p) */
1.1 timbl 419: }
2.19 frystyk 420: #endif /* OLD_CODE */
1.1 timbl 421:
422:
423: /* Make Relative Name
424: ** ------------------
425: **
426: ** This function creates and returns a string which gives an expression of
427: ** one address as related to another. Where there is no relation, an absolute
428: ** address is retured.
429: **
430: ** On entry,
431: ** Both names must be absolute, fully qualified names of nodes
432: ** (no anchor bits)
433: **
434: ** On exit,
435: ** The return result points to a newly allocated name which, if
436: ** parsed by HTParse relative to relatedName, will yield aName.
437: ** The caller is responsible for freeing the resulting name later.
438: **
439: */
2.32 frystyk 440: char * HTRelative ARGS2(CONST char *, aName, CONST char *, relatedName)
1.1 timbl 441: {
442: char * result = 0;
443: CONST char *p = aName;
444: CONST char *q = relatedName;
445: CONST char * after_access = 0;
446: CONST char * path = 0;
447: CONST char * last_slash = 0;
448: int slashes = 0;
449:
450: for(;*p; p++, q++) { /* Find extent of match */
451: if (*p!=*q) break;
452: if (*p==':') after_access = p+1;
453: if (*p=='/') {
454: last_slash = p;
455: slashes++;
456: if (slashes==3) path=p;
457: }
458: }
459:
460: /* q, p point to the first non-matching character or zero */
461:
462: if (!after_access) { /* Different access */
463: StrAllocCopy(result, aName);
464: } else if (slashes<3){ /* Different nodes */
465: StrAllocCopy(result, after_access);
2.29 frystyk 466: #if 0 /* Henrik */
1.1 timbl 467: } else if (slashes==3){ /* Same node, different path */
468: StrAllocCopy(result, path);
2.21 frystyk 469: #endif
1.1 timbl 470: } else { /* Some path in common */
471: int levels= 0;
472: for(; *q && (*q!='#'); q++) if (*q=='/') levels++;
473: result = (char *)malloc(3*levels + strlen(last_slash) + 1);
474: if (result == NULL) outofmem(__FILE__, "HTRelative");
475: result[0]=0;
476: for(;levels; levels--)strcat(result, "../");
477: strcat(result, last_slash+1);
478: }
2.31 frystyk 479: if (URI_TRACE) fprintf(stderr,
2.21 frystyk 480: "HTRelative.. `%s' expressed relative to `%s' is `%s'\n",
481: aName, relatedName, result);
1.1 timbl 482: return result;
483: }
2.1 timbl 484:
485:
2.31 frystyk 486: /* HTCanon
487: **
488: ** Canonicalizes the URL in the following manner starting from the host
489: ** pointer:
490: **
491: ** 1) The host name is converted to lowercase
492: ** 2) Expands the host name of the URL from a local name to a full
493: ** domain name. A host name is started by `://'.
494: **
495: ** Return: OK The position of the current path part of the URL
496: */
497: PUBLIC char *HTCanon ARGS2 (char **, filename, char *, host)
498: {
2.32 frystyk 499: char *newname = NULL;
2.31 frystyk 500: char *port;
501: char *strptr;
502: char *path;
2.36 frystyk 503: char *access = host-3;
2.31 frystyk 504:
2.36 frystyk 505: while (access>*filename && *(access-1)!='/') /* Find access method */
506: access--;
2.31 frystyk 507: if ((path = strchr(host, '/')) == NULL) /* Find path */
508: path = host + strlen(host);
509: if ((strptr = strchr(host, '@')) != NULL && strptr<path) /* UserId */
510: host = strptr;
511: port = strchr(host, ':'); /* Port number */
512:
513: strptr = host; /* Convert to lower-case */
514: while (strptr<path) {
515: *strptr = TOLOWER(*strptr);
516: strptr++;
517: }
518:
519: /* Does the URL contain a full domain name? This also works for a
520: numerical host name. The domain name is already made lower-case
521: and without a trailing dot. */
2.35 frystyk 522: if (((strptr = strchr(host, '.')) == NULL || strptr >= path) &&
523: strncasecomp(host, "localhost", 9)) {
2.31 frystyk 524: CONST char *domain = HTGetDomainName();
525: if (domain) {
2.32 frystyk 526: if ((newname = (char *) calloc(1, strlen(*filename) +
2.31 frystyk 527: strlen(domain)+2)) == NULL)
528: outofmem(__FILE__, "HTCanon");
529: if (port)
2.32 frystyk 530: strncpy(newname, *filename, (int) (port-*filename));
2.31 frystyk 531: else
2.32 frystyk 532: strncpy(newname, *filename, (int) (path-*filename));
533: strcat(newname, ".");
534: strcat(newname, domain);
2.31 frystyk 535: }
536: } else { /* Look for a trailing dot */
537: char *dot = port ? port : path;
538: if (dot > *filename && *--dot=='.') {
539: char *orig=dot, *dest=dot+1;
540: while((*orig++ = *dest++));
541: if (port) port--;
542: path--;
543: }
544: }
2.36 frystyk 545: /* Chop off port if `:80' (http), `:70' (gopher), or `:21' (ftp) */
546: if (port) {
547: if ((!strncmp(access, "http", 4) &&
548: (*(port+1)=='8'&&*(port+2)=='0'&&(*(port+3)=='/'||!*(port+3)))) ||
549: (!strncmp(access, "gopher", 6) &&
550: (*(port+1)=='7'&&*(port+2)=='0'&&(*(port+3)=='/'||!*(port+3)))) ||
551: (!strncmp(access, "ftp", 3) &&
552: (*(port+1)=='2'&&*(port+2)=='1'&&(*(port+3)=='/'||!*(port+3))))) {
553: if (!newname) {
554: char *orig=port, *dest=port+3;
555: while((*orig++ = *dest++));
556: }
557: } else if (newname)
558: strncat(newname, port, (int) (path-port));
559: }
560:
2.32 frystyk 561: if (newname) {
562: char *newpath = newname+strlen(newname);
563: strcat(newname, path);
2.31 frystyk 564: path = newpath;
565: free(*filename); /* Free old copy */
2.32 frystyk 566: *filename = newname;
2.31 frystyk 567: }
568: return path;
569: }
570:
571:
2.6 timbl 572: /* Escape undesirable characters using % HTEscape()
573: ** -------------------------------------
574: **
575: ** This function takes a pointer to a string in which
576: ** some characters may be unacceptable unescaped.
577: ** It returns a string which has these characters
578: ** represented by a '%' character followed by two hex digits.
579: **
2.20 timbl 580: ** In the tradition of being conservative in what you do and liberal
581: ** in what you accept, we encode some characters which in fact are
582: ** allowed in URLs unencoded -- so DON'T use the table below for
583: ** parsing!
584: **
2.6 timbl 585: ** Unlike HTUnEscape(), this routine returns a malloced string.
2.20 timbl 586: **
2.6 timbl 587: */
588:
2.20 timbl 589: /* Not BOTH static AND const at the same time in gcc :-(, Henrik 18/03-94
590: ** code gen error in gcc when making random access to
591: ** static const table(!!) */
2.19 frystyk 592: /* PRIVATE CONST unsigned char isAcceptable[96] = */
593: PRIVATE unsigned char isAcceptable[96] =
2.6 timbl 594:
2.20 timbl 595: /* Overencodes */
2.6 timbl 596: /* Bit 0 xalpha -- see HTFile.h
597: ** Bit 1 xpalpha -- as xalpha but with plus.
2.20 timbl 598: ** Bit 2 ... path -- as xpalpha but with /
2.6 timbl 599: */
600: /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */
601: { 0,0,0,0,0,0,0,0,0,0,7,6,0,7,7,4, /* 2x !"#$%&'()*+,-./ */
602: 7,7,7,7,7,7,7,7,7,7,0,0,0,0,0,0, /* 3x 0123456789:;<=>? */
603: 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, /* 4x @ABCDEFGHIJKLMNO */
604: 7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,7, /* 5X PQRSTUVWXYZ[\]^_ */
605: 0,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, /* 6x `abcdefghijklmno */
606: 7,7,7,7,7,7,7,7,7,7,7,0,0,0,0,0 }; /* 7X pqrstuvwxyz{\}~ DEL */
607:
608: PRIVATE char *hex = "0123456789ABCDEF";
609:
2.8 timbl 610: PUBLIC char * HTEscape ARGS2 (CONST char *, str,
2.6 timbl 611: unsigned char, mask)
612: {
613: #define ACCEPTABLE(a) ( a>=32 && a<128 && ((isAcceptable[a-32]) & mask))
614: CONST char * p;
615: char * q;
616: char * result;
617: int unacceptable = 0;
618: for(p=str; *p; p++)
619: if (!ACCEPTABLE((unsigned char)TOASCII(*p)))
620: unacceptable++;
621: result = (char *) malloc(p-str + unacceptable+ unacceptable + 1);
622: if (result == NULL) outofmem(__FILE__, "HTEscape");
623: for(q=result, p=str; *p; p++) {
624: unsigned char a = TOASCII(*p);
625: if (!ACCEPTABLE(a)) {
626: *q++ = HEX_ESCAPE; /* Means hex commming */
627: *q++ = hex[a >> 4];
628: *q++ = hex[a & 15];
629: }
630: else *q++ = *p;
631: }
632: *q++ = 0; /* Terminate */
633: return result;
634: }
635:
636:
2.1 timbl 637: /* Decode %xx escaped characters HTUnEscape()
638: ** -----------------------------
639: **
640: ** This function takes a pointer to a string in which some
641: ** characters may have been encoded in %xy form, where xy is
642: ** the acsii hex code for character 16x+y.
643: ** The string is converted in place, as it will never grow.
644: */
645:
646: PRIVATE char from_hex ARGS1(char, c)
647: {
2.6 timbl 648: return c >= '0' && c <= '9' ? c - '0'
649: : c >= 'A' && c <= 'F'? c - 'A' + 10
650: : c - 'a' + 10; /* accept small letters just in case */
2.1 timbl 651: }
652:
653: PUBLIC char * HTUnEscape ARGS1( char *, str)
654: {
655: char * p = str;
656: char * q = str;
2.25 frystyk 657:
658: if (!str) { /* Just for safety ;-) */
2.31 frystyk 659: if (URI_TRACE)
2.25 frystyk 660: fprintf(stderr, "HTUnEscape.. Called with NULL argument.\n");
661: return "";
662: }
2.1 timbl 663: while(*p) {
2.6 timbl 664: if (*p == HEX_ESCAPE) {
2.1 timbl 665: p++;
666: if (*p) *q = from_hex(*p++) * 16;
667: if (*p) *q = FROMASCII(*q + from_hex(*p++));
668: q++;
669: } else {
670: *q++ = *p++;
671: }
672: }
673:
674: *q++ = 0;
675: return str;
676:
677: } /* HTUnEscape */
678:
679:
2.24 luotonen 680: /* HTCleanTelnetString()
681: * Make sure that the given string doesn't contain characters that
682: * could cause security holes, such as newlines in ftp, gopher,
683: * news or telnet URLs; more specifically: allows everything between
2.26 frystyk 684: * ASCII 20-7E, and also A0-FE, inclusive. Also TAB ('\t') allowed!
2.24 luotonen 685: *
686: * On entry,
687: * str the string that is *modified* if necessary. The
688: * string will be truncated at the first illegal
689: * character that is encountered.
690: * On exit,
691: * returns YES, if the string was modified.
692: * NO, otherwise.
693: */
694: PUBLIC BOOL HTCleanTelnetString ARGS1(char *, str)
695: {
696: char * cur = str;
697:
698: if (!str) return NO;
699:
700: while (*cur) {
701: int a = TOASCII(*cur);
2.26 frystyk 702: if (a != 0x9 && (a < 0x20 || (a > 0x7E && a < 0xA0) || a > 0xFE)) {
2.31 frystyk 703: if (URI_TRACE)
704: fprintf(stderr, "Illegal..... character in URL: \"%s\"\n",str);
2.24 luotonen 705: *cur = 0;
2.31 frystyk 706: if (URI_TRACE)
707: fprintf(stderr, "Truncated... \"%s\"\n",str);
2.24 luotonen 708: return YES;
709: }
710: cur++;
711: }
712: return NO;
713: }
714:
Webmaster