diff options
author | Lars Hjemli <hjemli@gmail.com> | 2008-10-05 12:49:46 +0200 |
---|---|---|
committer | Lars Hjemli <hjemli@gmail.com> | 2008-10-05 12:49:46 +0200 |
commit | a36a0d9dec8a3ba79501d2526d648e44306f0fdd (patch) | |
tree | ab9a6b2a0fc413887fb3fc1ddfd4fce54e26b599 /html.c | |
parent | f82b19407dd876e6c02a572615bf34b09f6fa831 (diff) | |
download | cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.gz cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.tar.bz2 cgit-a36a0d9dec8a3ba79501d2526d648e44306f0fdd.zip |
html.c: add html_url_arg
This function can be used to properly escape querystring parameter values.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Diffstat (limited to 'html.c')
-rw-r--r-- | html.c | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -128,6 +128,22 @@ void html_attr(char *txt) html(txt); } +void html_url_arg(char *txt) +{ + char *t = txt; + while(t && *t){ + int c = *t; + if (c=='"' || c=='#' || c=='%' || c=='&' || c=='\'' || c=='+' || c=='?') { + write(htmlfd, txt, t - txt); + write(htmlfd, fmt("%%%2x", c), 3); + txt = t+1; + } + t++; + } + if (t!=txt) + html(txt); +} + void html_hidden(char *name, char *value) { html("<input type='hidden' name='"); |