Mercurial > hg > nginx-vendor-1-0
diff src/core/ngx_string.c @ 642:1b80544421e8 NGINX_1_0_11
nginx 1.0.11
*) Change: now double quotes are encoded in an "echo" SSI-command
output.
Thanks to Zaur Abasmirzoev.
*) Feature: the "image_filter_sharpen" directive.
*) Bugfix: a segmentation fault might occur in a worker process if SNI
was used; the bug had appeared in 1.0.9.
*) Bugfix: SIGWINCH signal did not work after first binary upgrade; the
bug had appeared in 1.0.9.
*) Bugfix: the "If-Modified-Since", "If-Range", etc. client request
header lines might be passed to backend while caching; or not passed
without caching if caching was enabled in another part of the
configuration.
*) Bugfix: in the "scgi_param" directive, if complex parameters were
used.
*) Bugfix: "add_header" and "expires" directives did not work if a
request was proxied and response status code was 206.
*) Bugfix: in the "expires @time" directive.
*) Bugfix: in the ngx_http_flv_module.
Thanks to Piotr Sikora.
*) Bugfix: in the ngx_http_mp4_module.
*) Bugfix: nginx could not be built on FreeBSD 10.
*) Bugfix: nginx could not be built on AIX.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Thu, 15 Dec 2011 00:00:00 +0400 |
parents | 692f4d4d7f10 |
children | ad25218fd14b |
line wrap: on
line diff
--- a/src/core/ngx_string.c +++ b/src/core/ngx_string.c @@ -1657,6 +1657,10 @@ ngx_escape_html(u_char *dst, u_char *src len += sizeof("&") - 2; break; + case '"': + len += sizeof(""") - 2; + break; + default: break; } @@ -1684,6 +1688,11 @@ ngx_escape_html(u_char *dst, u_char *src *dst++ = ';'; break; + case '"': + *dst++ = '&'; *dst++ = 'q'; *dst++ = 'u'; *dst++ = 'o'; + *dst++ = 't'; *dst++ = ';'; + break; + default: *dst++ = ch; break;