html.c: add html_url_arg

This function can be used to properly escape querystring parameter values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
author: Lars Hjemli 2008-10-05 12:49:46 +0200
committer: Lars Hjemli 2008-10-05 12:49:46 +0200
commit: a36a0d9dec8a3ba79501d2526d648e44306f0fdd (patch)
tree: ab9a6b2a0fc413887fb3fc1ddfd4fce54e26b599 /html.c
parent: f82b19407dd876e6c02a572615bf34b09f6fa831 (diff)
download: cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.gz
cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.bz2
cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.zip
1 files changed, 16 insertions, 0 deletions
diff --git a/html.c b/html.c
index 36e9a2f..167127f 100644
--- a/html.c
+++ b/html.c
@@ -128,6 +128,22 @@ void html_attr(char *txt)
                html(txt);
 }
+void html_url_arg(char *txt)
+{
+        char *t = txt;
+        while(t && *t){
+                int c = *t;
+                if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') {
+                        write(htmlfd, txt, t - txt);
+                        write(htmlfd, fmt("%%%2x", c), 3);
+                        txt = t+1;
+                }
+                t++;
+        }
+        if (t!=txt)
+                html(txt);
+}
 void html_hidden(char *name, char *value)
 {
        html("<input type='hidden' name='");
author	Lars Hjemli	2008-10-05 12:49:46 +0200
committer	Lars Hjemli	2008-10-05 12:49:46 +0200
commit	a36a0d9dec8a3ba79501d2526d648e44306f0fdd (patch)
tree	ab9a6b2a0fc413887fb3fc1ddfd4fce54e26b599 /html.c
parent	f82b19407dd876e6c02a572615bf34b09f6fa831 (diff)
download	cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.gz cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.bz2 cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.zip

diff --git a/html.c b/html.c index 36e9a2f..167127f 100644 --- a/html.c +++ b/html.c
@@ -128,6 +128,22 @@ void html_attr(char *txt)
128	html(txt);	128	html(txt);
129	}	129	}
130		130
		131	void html_url_arg(char *txt)
		132	{
		133	char *t = txt;
		134	while(t && *t){
		135	int c = *t;
		136	if (c=='"' \|\| c=='#' \|\| c=='%' \|\| c=='&' \|\| c=='\'' \|\| c=='+' \|\| c=='?') {
		137	write(htmlfd, txt, t - txt);
		138	write(htmlfd, fmt("%%%2x", c), 3);
		139	txt = t+1;
		140	}
		141	t++;
		142	}
		143	if (t!=txt)
		144	html(txt);
		145	}
		146
131	void html_hidden(char name, char value)	147	void html_hidden(char name, char value)
132	{	148	{
133	html("<input type='hidden' name='");	149	html("<input type='hidden' name='");