diff options
| author |  Adam Chlipala <adamc@hcoop.net> | 2010-05-18 14:47:56 -0400 |
|---|---|---|
| committer | Adam Chlipala <adamc@hcoop.net> | 2010-05-18 14:47:56 -0400 |
| commit | 25792a154d53d515917c41256610a03a0a9de5f9 (patch) | |
| tree | 3e8963a10acbb1574ae8f981a1fe663684ab82f2 /src | |
| parent | e5c543adfe4a27b347ce2e78a94727f1e50c8f43 (diff) | |
URL-escape with '.' instead of '%', to avoid confusing proxies
Diffstat (limited to 'src')
| -rw-r--r-- | src/c/urweb.c | 18 | ||||
| -rw-r--r-- | src/mono_opt.sml | 4 |
2 files changed, 17 insertions, 5 deletions
diff --git a/src/c/urweb.c b/src/c/urweb.c index 6815c85b..141aa06b 100644 --- a/src/c/urweb.c +++ b/src/c/urweb.c @@ -1687,7 +1687,7 @@ char *uw_Basis_urlifyString(uw_context ctx, uw_Basis_string s) { else if (isalnum(c)) *p++ = c; else { - sprintf(p, "%%%02X", c); + sprintf(p, ".%02X", c); p += 3; } } @@ -1764,7 +1764,7 @@ uw_unit uw_Basis_urlifyString_w(uw_context ctx, uw_Basis_string s) { else if (isalnum(c)) uw_writec_unsafe(ctx, c); else { - sprintf(ctx->page.front, "%%%02X", c); + sprintf(ctx->page.front, ".%02X", c); ctx->page.front += 3; } } @@ -1822,7 +1822,7 @@ static uw_Basis_string uw_unurlifyString_to(int fromClient, uw_context ctx, char if (!fromClient) { if (*s2 == '_') ++s2; - else if (s2[0] == '%' && s2[1] == '5' && (s2[2] == 'f' || s2[2] == 'F')) + else if ((s2[0] == '%' || s2[0] == '.') && s2[1] == '5' && (s2[2] == 'f' || s2[2] == 'F')) s2 += 3; } @@ -1843,6 +1843,18 @@ static uw_Basis_string uw_unurlifyString_to(int fromClient, uw_context ctx, char *s1 = n; s2 += 2; break; + case '.': + if (!fromClient) { + if (s2[1] == 0) + uw_error(ctx, FATAL, "Missing first character of escaped URL byte"); + if (s2[2] == 0) + uw_error(ctx, FATAL, "Missing second character of escaped URL byte"); + if (sscanf(s2+1, "%02X", &n) != 1) + uw_error(ctx, FATAL, "Invalid escaped URL byte starting at: %s", s2); + *s1 = n; + s2 += 2; + break; + } default: *s1 = c; } diff --git a/src/mono_opt.sml b/src/mono_opt.sml index fb6ff264..cf1b1cfe 100644 --- a/src/mono_opt.sml +++ b/src/mono_opt.sml @@ -1,4 +1,4 @@ -(* Copyright (c) 2008, Adam Chlipala +(* Copyright (c) 2008-2010, Adam Chlipala * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -86,7 +86,7 @@ fun urlifyString s = | ch => if Char.isAlphaNum ch then str ch else - "%" ^ hexIt ch) s + "." ^ hexIt ch) s fun sqlifyInt n = #p_cast (Settings.currentDbms ()) (attrifyInt n, Settings.Int) |