comparison src/core/ngx_string.c @ 1298:458e041fc902
msie_refresh should escape at least '"' to prevent XSS
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Fri, 13 Jul 2007 09:37:01 +0000 |
parents | 4ec0bc95172b |
children | 33d6c994a0b2 |
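--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -1037,22 +1037,34 @@
 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
 0xffffffff /* 1111 1111 1111 1111 1111 1111 1111 1111 */
 };
 
-
-switch (type) {
-case NGX_ESCAPE_HTML:
-escape = html;
-break;
-case NGX_ESCAPE_ARGS:
-escape = args;
-break;
-default:
-escape = uri;
-break;
-}
+/* " ", """, "'", %00-%1F, %7F-%FF */
+
+static uint32_t refresh[] = {
+0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
+
+/* ?>=< ;:98 7654 3210 /.-, +*)( '&%$ #"! */
+0x00000085, /* 0000 0000 0000 0000 0000 0000 1000 0101 */
+
+/* _^]\ [ZYX WVUT SRQP ONML KJIH GFED CBA@ */
+0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */
+
+/* ~}| {zyx wvut srqp onml kjih gfed cba` */
+0x80000000, /* 1000 0000 0000 0000 0000 0000 0000 0000 */
+
+0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
+0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
+0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */
+0xffffffff /* 1111 1111 1111 1111 1111 1111 1111 1111 */
+};
+
+static uint32_t *map[] = { uri, args, html, refresh };
+
+
+escape = map[type];
 
 if (dst == NULL) {
 
 /* find the number of the characters to be escaped */
 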
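Review bot: `escape = map[type];` indexes the four-entry `map` with no range check, while the switch it replaces sent every unrecognised `type` to `uri` through `default:`; a value outside the table now reads past the end of it. Restoring the fallback keeps the old contract: `escape = (type < sizeof(map) / sizeof(map[0])) ? map[type] : uri;` (this assumes `type` is unsigned; its declaration is outside the section). The order `{ uri, args, html, refresh }` also has to track the numeric values of the `NGX_ESCAPE_*` constants, which are defined outside this section, so a comment on `map` such as `/* indexed by NGX_ESCAPE_*; keep in the same order as the constants */` would help. The `refresh` mask itself matches its comment (space, `"`, `'`, control bytes, 0x7F and above); the enclosing function starts and ends outside the section.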