content-parser: encode html entities found in code blocks (fixes #3)

author: Rafael G. Martins <rafael@rafaelmartins.eng.br> 2016-01-22 19:29:57 +0100
committer: Rafael G. Martins <rafael@rafaelmartins.eng.br> 2016-01-22 19:30:47 +0100
commit: cb132cf02e57f57f4507fbc0126481629d83f209 (patch)
tree: b6f77c8cb4033b2c0b84d12443444d0e2efff979
parent: 06d8ca94860f4a795995d811cef477969baa2331 (diff)
download: blogc-cb132cf02e57f57f4507fbc0126481629d83f209.tar.gz
blogc-cb132cf02e57f57f4507fbc0126481629d83f209.tar.bz2
blogc-cb132cf02e57f57f4507fbc0126481629d83f209.zip
3 files changed, 55 insertions, 6 deletions
diff --git a/src/content-parser.c b/src/content-parser.c
index b22eb70..5b85586 100644
--- a/src/content-parser.c
+++ b/src/content-parser.c
@@ -41,6 +41,40 @@ blogc_slugify(const char *str)
 }
 
 
+char*
+blogc_htmlentities(const char *str)
+{
+    if (str == NULL)
+        return NULL;
+    b_string_t *rv = b_string_new();
+    for (unsigned int i = 0; str[i] != '\0'; i++) {
+        switch (str[i]) {
+            case '&':
+                b_string_append(rv, "&amp;");
+                break;
+            case '<':
+                b_string_append(rv, "&lt;");
+                break;
+            case '>':
+                b_string_append(rv, "&gt;");
+                break;
+            case '"':
+                b_string_append(rv, "&quot;");
+                break;
+            case '\'':
+                b_string_append(rv, "&#x27;");
+                break;
+            case '/':
+                b_string_append(rv, "&#x2F;");
+                break;
+            default:
+                b_string_append_c(rv, str[i]);
+        }
+    }
+    return b_string_free(rv, false);
+}
+
+
 typedef enum {
     CONTENT_START_LINE = 1,
     CONTENT_EXCERPT,
@@ -698,11 +732,13 @@ blogc_content_parse(const char *src, size_t *end_excerpt)
                 if (c == '\n' || c == '\r' || is_last) {
                     b_string_append(rv, "<pre><code>");
                     for (b_slist_t *l = lines; l != NULL; l = l->next) {
+                        char *tmp_line = blogc_htmlentities(l->data);
                         if (l->next == NULL)
-                            b_string_append_printf(rv, "%s", l->data);
+                            b_string_append_printf(rv, "%s", tmp_line);
                         else
-                            b_string_append_printf(rv, "%s%s", l->data,
+                            b_string_append_printf(rv, "%s%s", tmp_line,
                                 line_ending);
+                        free(tmp_line);
                     }
                     b_string_append_printf(rv, "</code></pre>%s", line_ending);
                     b_slist_free_full(lines, free);
diff --git a/src/content-parser.h b/src/content-parser.h
index 5802594..6617bb4 100644
--- a/src/content-parser.h
+++ b/src/content-parser.h
@@ -13,6 +13,7 @@
 #include <stdbool.h>
 
 char* blogc_slugify(const char *str);
+char* blogc_htmlentities(const char *str);
 char* blogc_content_parse_inline(const char *src);
 bool blogc_is_ordered_list_item(const char *str, size_t prefix_len);
 char* blogc_content_parse(const char *src, size_t *end_excerpt);
diff --git a/tests/check_content_parser.c b/tests/check_content_parser.c
index 8ed9520..970ec5c 100644
--- a/tests/check_content_parser.c
+++ b/tests/check_content_parser.c
@@ -49,6 +49,17 @@ test_slugify(void **state)
 
 
 static void
+test_htmlentities(void **state)
+{
+    char *s = blogc_htmlentities(NULL);
+    assert_null(s);
+    s = blogc_htmlentities("asdxcv & < > \" 'sfd/gf");
+    assert_string_equal(s, "asdxcv &amp; &lt; &gt; &quot; &#x27;sfd&#x2F;gf");
+    free(s);
+}
+
+
+static void
 test_is_ordered_list_item(void **state)
 {
     assert_true(blogc_is_ordered_list_item("1.bola", 2));
@@ -87,7 +98,7 @@ test_content_parse(void **state)
         ">  \n"
         ">    asd\n"
         "\n"
-        "    bola\n"
+        "    <asd>bola</asd>\n"
         "     asd\n"
         "    qwewer\n"
         "\n"
@@ -122,7 +133,7 @@ test_content_parse(void **state)
         "buga</p>\n"
         "<pre><code>asd</code></pre>\n"
         "</blockquote>\n"
-        "<pre><code>bola\n"
+        "<pre><code>&lt;asd&gt;bola&lt;&#x2F;asd&gt;\n"
         " asd\n"
         "qwewer</code></pre>\n"
         "<hr />\n"
@@ -165,7 +176,7 @@ test_content_parse_crlf(void **state)
         ">  \r\n"
         ">    asd\r\n"
         "\r\n"
-        "    bola\r\n"
+        "    <asd>bola</asd>\r\n"
         "     asd\r\n"
         "    qwewer\r\n"
         "\r\n"
@@ -200,7 +211,7 @@ test_content_parse_crlf(void **state)
         "buga</p>\r\n"
         "<pre><code>asd</code></pre>\r\n"
         "</blockquote>\r\n"
-        "<pre><code>bola\r\n"
+        "<pre><code>&lt;asd&gt;bola&lt;&#x2F;asd&gt;\r\n"
         " asd\r\n"
         "qwewer</code></pre>\r\n"
         "<hr />\r\n"
@@ -1663,6 +1674,7 @@ main(void)
 {
     const UnitTest tests[] = {
         unit_test(test_slugify),
+        unit_test(test_htmlentities),
         unit_test(test_is_ordered_list_item),
         unit_test(test_content_parse),
         unit_test(test_content_parse_crlf),
author	Rafael G. Martins <rafael@rafaelmartins.eng.br>	2016-01-22 19:29:57 +0100
committer	Rafael G. Martins <rafael@rafaelmartins.eng.br>	2016-01-22 19:30:47 +0100
commit	cb132cf02e57f57f4507fbc0126481629d83f209 (patch)
tree	b6f77c8cb4033b2c0b84d12443444d0e2efff979
parent	06d8ca94860f4a795995d811cef477969baa2331 (diff)
download	blogc-cb132cf02e57f57f4507fbc0126481629d83f209.tar.gz blogc-cb132cf02e57f57f4507fbc0126481629d83f209.tar.bz2 blogc-cb132cf02e57f57f4507fbc0126481629d83f209.zip