changeset
xml escape href value in propfind response
Mon, 09 May 2022 20:56:44 +0200
- author
- Olaf Wintermann <olaf.wintermann@gmail.com>
- date
- Mon, 09 May 2022 20:56:44 +0200
- branch
- webdav
- changeset 349
- 7bf652914e9b
- parent 348
- bdd31584141f
- child 350
- abba342112c2
xml escape href value in propfind response
| src/server/webdav/multistatus.c | file | annotate | diff | comparison | revisions |
--- a/src/server/webdav/multistatus.c Mon May 09 20:06:27 2022 +0200 +++ b/src/server/webdav/multistatus.c Mon May 09 20:56:44 2022 +0200 @@ -92,6 +92,56 @@ writer_putc(out, '\"'); } +static void send_string_escaped(Writer *out, sstr_t str) { + char *begin = str.ptr; + char *end = begin; + char *escape = NULL; + int esclen; + for(size_t i=0;i<str.length;i++) { + char c = str.ptr[i]; + end = str.ptr + i; + switch(c) { + case '"': { + escape = """; + esclen = 6; + break; + } + case '&': { + escape = "&"; + esclen = 5; + break; + } + case '\'': { + escape = "'"; + esclen = 6; + break; + } + case '<': { + escape = "<"; + esclen = 4; + break; + } + case '>': { + escape = ">"; + esclen = 4; + break; + } + default: continue; + } + ptrdiff_t len = end - begin; + if(len > 0) { + writer_put(out, begin, len); + begin = end + 1; + } + writer_put(out, escape, esclen); + } + ptrdiff_t len = end - begin; + if(len > 0) { + writer_put(out, begin, len + 1); + begin = end + 1; + } +} + static int send_property( Multistatus *ms, WebdavProperty *property, @@ -184,7 +234,8 @@ static int send_response_tag(Multistatus *ms, MSResponse *rp, Writer *out) { writer_puts(out, S(" <D:response>\n" " <D:href>")); - writer_puts(out, sstr(rp->resource.href)); + //writer_puts(out, sstr(rp->resource.href)); + send_string_escaped(out, sstr(rp->resource.href)); writer_puts(out, S("</D:href>\n")); WSBool writeContent = ms->proppatch ? FALSE : TRUE;
