# HG changeset patch # User Igor Sysoev # Date 1190885810 0 # Node ID 998c44b19e30a995ded3c38a65ff0af87fe3637a # Parent 8596627c4cc5cf748736a24865836806a7fc114e ngx_escape_html() diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c --- a/src/core/ngx_string.c +++ b/src/core/ngx_string.c @@ -1299,6 +1299,67 @@ done: } +uintptr_t +ngx_escape_html(u_char *dst, u_char *src, size_t size) +{ + u_char ch; + ngx_uint_t i, len; + + if (dst == NULL) { + + len = 0; + + for (i = 0; i < size; i++) { + switch (*src++) { + + case '<': + len += sizeof("<") - 2; + break; + + case '>': + len += sizeof(">") - 2; + break; + + case '&': + len += sizeof("&") - 2; + break; + + default: + break; + } + } + + return (uintptr_t) len; + } + + for (i = 0; i < size; i++) { + ch = *src++; + + switch (ch) { + + case '<': + *dst++ = '&'; *dst++ = 'l'; *dst++ = 't'; *dst++ = ';'; + break; + + case '>': + *dst++ = '&'; *dst++ = 'g'; *dst++ = 't'; *dst++ = ';'; + break; + + case '&': + *dst++ = '&'; *dst++ = 'a'; *dst++ = 'm'; *dst++ = 'p'; + *dst++ = ';'; + break; + + default: + *dst++ = ch; + break; + } + } + + return (uintptr_t) dst; +} + + /* ngx_sort() is implemented as insertion sort because we need stable sort */ void diff --git a/src/core/ngx_string.h b/src/core/ngx_string.h --- a/src/core/ngx_string.h +++ b/src/core/ngx_string.h @@ -165,6 +165,8 @@ u_char *ngx_utf_cpystrn(u_char *dst, u_c uintptr_t ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type); void ngx_unescape_uri(u_char **dst, u_char **src, size_t size, ngx_uint_t type); +uintptr_t ngx_escape_html(u_char *dst, u_char *src, size_t size); + void ngx_sort(void *base, size_t n, size_t size,