Klaus Demo nginx / 1730c75
ngx_escape_html() Igor Sysoev 14 years ago
2 changed file(s) with 63 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
+61
-0
src/core/ngx_string.c less more
12981298 }
12991299
13001300
1301 uintptr_t
1302 ngx_escape_html(u_char *dst, u_char *src, size_t size)
1303 {
1304 u_char ch;
1305 ngx_uint_t i, len;
1306
1307 if (dst == NULL) {
1308
1309 len = 0;
1310
1311 for (i = 0; i < size; i++) {
1312 switch (*src++) {
1313
1314 case '<':
1315 len += sizeof("&lt;") - 2;
1316 break;
1317
1318 case '>':
1319 len += sizeof("&gt;") - 2;
1320 break;
1321
1322 case '&':
1323 len += sizeof("&amp;") - 2;
1324 break;
1325
1326 default:
1327 break;
1328 }
1329 }
1330
1331 return (uintptr_t) len;
1332 }
1333
1334 for (i = 0; i < size; i++) {
1335 ch = *src++;
1336
1337 switch (ch) {
1338
1339 case '<':
1340 *dst++ = '&'; *dst++ = 'l'; *dst++ = 't'; *dst++ = ';';
1341 break;
1342
1343 case '>':
1344 *dst++ = '&'; *dst++ = 'g'; *dst++ = 't'; *dst++ = ';';
1345 break;
1346
1347 case '&':
1348 *dst++ = '&'; *dst++ = 'a'; *dst++ = 'm'; *dst++ = 'p';
1349 *dst++ = ';';
1350 break;
1351
1352 default:
1353 *dst++ = ch;
1354 break;
1355 }
1356 }
1357
1358 return (uintptr_t) dst;
1359 }
1360
1361
13011362 /* ngx_sort() is implemented as insertion sort because we need stable sort */
13021363
13031364 void
+2
-0
src/core/ngx_string.h less more
164164 uintptr_t ngx_escape_uri(u_char *dst, u_char *src, size_t size,
165165 ngx_uint_t type);
166166 void ngx_unescape_uri(u_char **dst, u_char **src, size_t size, ngx_uint_t type);
167 uintptr_t ngx_escape_html(u_char *dst, u_char *src, size_t size);
168
167169
168170
169171 void ngx_sort(void *base, size_t n, size_t size,