httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From n..@apache.org
Subject svn commit: r730296 - in /httpd/httpd/trunk: CHANGES include/ap_mmn.h include/httpd.h modules/filters/mod_include.c server/util.c
Date Wed, 31 Dec 2008 02:27:25 GMT
Author: niq
Date: Tue Dec 30 18:27:24 2008
New Revision: 730296

URL: http://svn.apache.org/viewvc?rev=730296&view=rev
Log:
Add support for escaping all non-ascii chars to ap_escape_html, and use
it to fix PR#25202: encoding="entity" doesn't work as advertised in
mod_include.
For backport, this'll need an ABI-preserving version that'll be
a minor MMN bump.  But if we do that in /trunk/, it'll never change.

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/include/ap_mmn.h
    httpd/httpd/trunk/include/httpd.h
    httpd/httpd/trunk/modules/filters/mod_include.c
    httpd/httpd/trunk/server/util.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=730296&r1=730295&r2=730296&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Dec 30 18:27:24 2008
@@ -2,6 +2,12 @@
 Changes with Apache 2.3.1
 [ When backported to 2.2.x, remove entry from this file ]
 
+ *) mod_include: support generating non-ASCII characters as entities in SSI
+    PR 25202 [Nick Kew]
+
+ *) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
+    PR 25202 [Nick Kew]
+
  *) mod_rewrite: fix "B" flag breakage by reverting r5589343
     PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
 

Modified: httpd/httpd/trunk/include/ap_mmn.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/ap_mmn.h?rev=730296&r1=730295&r2=730296&view=diff
==============================================================================
--- httpd/httpd/trunk/include/ap_mmn.h (original)
+++ httpd/httpd/trunk/include/ap_mmn.h Tue Dec 30 18:27:24 2008
@@ -184,6 +184,8 @@
  * 20081201.0 (2.3.0-dev)  Rename several APIs to include ap_ prefix.
  * 20081201.1 (2.3.0-dev)  Added ap_args_to_table and ap_body_to_table.
  * 20081212.0 (2.3.0-dev)  Remove sb_type from process_score in scoreboard.h.
+ * 20081231.0 (2.3.0-dev)  Switch ap_escape_html API: add ap_escape_html2,
+ *                         and make ap_escape_html a macro for it.
  */
 
 #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */

Modified: httpd/httpd/trunk/include/httpd.h
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/include/httpd.h?rev=730296&r1=730295&r2=730296&view=diff
==============================================================================
--- httpd/httpd/trunk/include/httpd.h (original)
+++ httpd/httpd/trunk/include/httpd.h Tue Dec 30 18:27:24 2008
@@ -1519,7 +1519,15 @@
  * @param s The html to escape
  * @return The escaped string
  */
-AP_DECLARE(char *) ap_escape_html(apr_pool_t *p, const char *s);
+#define ap_escape_html(p,s) ap_escape_html2(p,s,0)
+/**
+ * Escape an html string
+ * @param p The pool to allocate from
+ * @param s The html to escape
+ * @param toasc Whether to escape all non-ASCII chars to &#nnn;
+ * @return The escaped string
+ */
+AP_DECLARE(char *) ap_escape_html2(apr_pool_t *p, const char *s, int toasc);
 
 /**
  * Escape a string for logging

Modified: httpd/httpd/trunk/modules/filters/mod_include.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/filters/mod_include.c?rev=730296&r1=730295&r2=730296&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/filters/mod_include.c (original)
+++ httpd/httpd/trunk/modules/filters/mod_include.c Tue Dec 30 18:27:24 2008
@@ -1192,7 +1192,8 @@
                     echo_text = ap_escape_uri(ctx->dpool, val);
                     break;
                 case E_ENTITY:
-                    echo_text = ap_escape_html(ctx->dpool, val);
+                    /* PR#25202: escape anything non-ascii here */
+                    echo_text = ap_escape_html2(ctx->dpool, val, 1);
                     break;
                 }
 

Modified: httpd/httpd/trunk/server/util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/util.c?rev=730296&r1=730295&r2=730296&view=diff
==============================================================================
--- httpd/httpd/trunk/server/util.c (original)
+++ httpd/httpd/trunk/server/util.c Tue Dec 30 18:27:24 2008
@@ -1738,7 +1738,7 @@
 
 /* ap_escape_uri is now a macro for os_escape_path */
 
-AP_DECLARE(char *) ap_escape_html(apr_pool_t *p, const char *s)
+AP_DECLARE(char *) ap_escape_html2(apr_pool_t *p, const char *s, int toasc)
 {
     int i, j;
     char *x;
@@ -1751,6 +1751,8 @@
             j += 4;
         else if (s[i] == '"')
             j += 5;
+        else if (toasc && !apr_isascii(s[i]))
+            j += 5;
 
     if (j == 0)
         return apr_pstrmemdup(p, s, i);
@@ -1773,13 +1775,17 @@
             memcpy(&x[j], "&quot;", 6);
             j += 5;
         }
+        else if (toasc && !apr_isascii(s[i])) {
+            char *esc = apr_psprintf(p, "&#%3.3d;", (unsigned char)s[i]);
+            memcpy(&x[j], esc, 6);
+            j += 5;
+        }
         else
             x[j] = s[i];
 
     x[j] = '\0';
     return x;
 }
-
 AP_DECLARE(char *) ap_escape_logitem(apr_pool_t *p, const char *str)
 {
     char *ret;



Mime
View raw message