Mercurial > hg > nginx-quic
comparison src/core/ngx_string.c @ 4312:0a8e51a16484
Added escaping of double quotes in ngx_escape_html().
Patch by Zaur Abasmirzoev.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 25 Nov 2011 16:36:02 +0000 |
parents | 9679fc14c063 |
children | d620f497c50f |
comparison
equal
deleted
inserted
replaced
4311:45272aab5eea | 4312:0a8e51a16484 |
---|---|
1655 | 1655 |
1656 case '&': | 1656 case '&': |
1657 len += sizeof("&") - 2; | 1657 len += sizeof("&") - 2; |
1658 break; | 1658 break; |
1659 | 1659 |
1660 case '"': | |
1661 len += sizeof(""") - 2; | |
1662 break; | |
1663 | |
1660 default: | 1664 default: |
1661 break; | 1665 break; |
1662 } | 1666 } |
1663 size--; | 1667 size--; |
1664 } | 1668 } |
1680 break; | 1684 break; |
1681 | 1685 |
1682 case '&': | 1686 case '&': |
1683 *dst++ = '&'; *dst++ = 'a'; *dst++ = 'm'; *dst++ = 'p'; | 1687 *dst++ = '&'; *dst++ = 'a'; *dst++ = 'm'; *dst++ = 'p'; |
1684 *dst++ = ';'; | 1688 *dst++ = ';'; |
1689 break; | |
1690 | |
1691 case '"': | |
1692 *dst++ = '&'; *dst++ = 'q'; *dst++ = 'u'; *dst++ = 'o'; | |
1693 *dst++ = 't'; *dst++ = ';'; | |
1685 break; | 1694 break; |
1686 | 1695 |
1687 default: | 1696 default: |
1688 *dst++ = ch; | 1697 *dst++ = ch; |
1689 break; | 1698 break; |