File: html_quote.c

package info (click to toggle)
squid 2.6.5-6etch5
  • links: PTS
  • area: main
  • in suites: etch
  • size: 12,540 kB
  • ctags: 13,801
  • sloc: ansic: 105,278; sh: 6,083; makefile: 1,297; perl: 1,245; awk: 40
file content (125 lines) | stat: -rw-r--r-- 3,230 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
/*
 * $Id: html_quote.c,v 1.5 2005/05/17 16:56:36 hno Exp $
 * 
 * DEBUG:
 * AUTHOR: Robert Collins
 *
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *  
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *  
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 */

#include "config.h"

#if HAVE_STDIO_H
#include <stdio.h>
#endif
#if HAVE_STRING_H
#include <string.h>
#endif

#include "util.h"
#include "snprintf.h"

/*  
 *  HTML defines these characters as special entities that should be quoted.
 */
static struct {
    unsigned char code;
    const char *quote;
} htmlstandardentities[] =

{
    /* NOTE: The quoted form MUST not be larger than 6 character.
     * see close to the MemPool commend below
     */
    {
	'<', "&lt;"
    },
    {
	'>', "&gt;"
    },
    {
	'"', "&quot;"
    },
    {
	'&', "&amp;"
    },
    {
	'\'', "&#39;"
    },
    {
	0, NULL
    }
};

/*
 *  html_do_quote - Returns a static buffer containing the quoted 
 *  string.
 */
char *
html_quote(const char *string)
{
    static char *buf;
    static size_t bufsize = 0;
    const char *src;
    char *dst;
    int i;

    /* XXX This really should be implemented using a MemPool, but
     * MemPools are not yet available in lib...
     */
    if (buf == NULL || strlen(string) * 6 > bufsize) {
	xfree(buf);
	bufsize = strlen(string) * 6 + 1;
	buf = xcalloc(bufsize, 1);
    }
    for (src = string, dst = buf; *src; src++) {
	const char *escape = NULL;
	const unsigned char ch = *src;

	/* Walk thru the list of HTML Entities that must be quoted to
	 * display safely
	 */
	for (i = 0; htmlstandardentities[i].code; i++) {
	    if (ch == htmlstandardentities[i].code) {
		escape = htmlstandardentities[i].quote;
		break;
	    }
	}
	if (escape) {
	    /* Ok, An escaped form was found above. Use it */
	    strncpy(dst, escape, 6);
	    dst += strlen(escape);
	} else {
	    /* Apparently there is no need to escape this character */
	    *dst++ = ch;
	}
    }
    /* Nullterminate and return the result */
    *dst = '\0';
    return (buf);
}