New function encode_html_strict().

author: default 2023-10-04 18:19:38 +0200
committer: default 2023-10-04 18:19:38 +0200
commit: b1868d85bbd9a707c487c9d2e277c6c038478db6 (patch)
tree: b6b7a1348b571dcbf2e5e8b6fca02d53ae92239e /html.c
parent: Updated RELEASE_NOTES. (diff)
download: snac2-b1868d85bbd9a707c487c9d2e277c6c038478db6.tar.gz
snac2-b1868d85bbd9a707c487c9d2e277c6c038478db6.tar.xz
snac2-b1868d85bbd9a707c487c9d2e277c6c038478db6.zip
1 files changed, 6 insertions, 6 deletions
diff --git a/html.c b/html.c
index 58319c6..175a214 100644
--- a/html.c
+++ b/html.c
@@ -2075,10 +2075,10 @@ int html_get_handler(const xs_dict *req, const char *q_path,
        xs *bio   = not_really_markdown(xs_dict_get(snac.config, "bio"), NULL);
        char *p, *v;
-        xs *es1 = encode_html(xs_dict_get(snac.config, "name"));
+        xs *es1 = encode_html_strict(xs_dict_get(snac.config, "name"));
-        xs *es2 = encode_html(snac.uid);
+        xs *es2 = encode_html_strict(snac.uid);
-        xs *es3 = encode_html(xs_dict_get(srv_config, "host"));
+        xs *es3 = encode_html_strict(xs_dict_get(srv_config, "host"));
-        xs *es4 = encode_html(bio);
+        xs *es4 = encode_html_strict(bio);
        rss = xs_fmt(
            "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
            "<rss version=\"0.91\">\n"
@@ -2106,7 +2106,7 @@ int html_get_handler(const xs_dict *req, const char *q_path,
            if (!xs_startswith(id, snac.actor))
                continue;
-            xs *content = sanitize(xs_dict_get(msg, "content"));
+            xs *content = encode_html_strict(xs_dict_get(msg, "content"));
            // We SHOULD only use sanitized one for description.
            // So, only encode for feed title, while the description just keep it sanitized as is.
@@ -2115,7 +2115,7 @@ int html_get_handler(const xs_dict *req, const char *q_path,
            xs *title   = xs_str_new(NULL);
            int i;
-            for (i = 0; es_title[i] && es_title[i] != '\n' && i < 50; i++)
+            for (i = 0; es_title[i] && es_title[i] != '\n' && es_title[i] != '&' && i < 50; i++)
                title = xs_append_m(title, &es_title[i], 1);
            xs *s = xs_fmt(
author	default	2023-10-04 18:19:38 +0200
committer	default	2023-10-04 18:19:38 +0200
commit	b1868d85bbd9a707c487c9d2e277c6c038478db6 (patch)
tree	b6b7a1348b571dcbf2e5e8b6fca02d53ae92239e /html.c
parent	Updated RELEASE_NOTES. (diff)
download	snac2-b1868d85bbd9a707c487c9d2e277c6c038478db6.tar.gz snac2-b1868d85bbd9a707c487c9d2e277c6c038478db6.tar.xz snac2-b1868d85bbd9a707c487c9d2e277c6c038478db6.zip

diff --git a/html.c b/html.c index 58319c6..175a214 100644 --- a/html.c +++ b/html.c
@@ -2075,10 +2075,10 @@ int html_get_handler(const xs_dict req, const char q_path,
2075	xs *bio = not_really_markdown(xs_dict_get(snac.config, "bio"), NULL);	2075	xs *bio = not_really_markdown(xs_dict_get(snac.config, "bio"), NULL);
2076	char p, v;	2076	char p, v;
2077		2077
2078	xs *es1 = encode_html(xs_dict_get(snac.config, "name"));	2078	xs *es1 = encode_html_strict(xs_dict_get(snac.config, "name"));
2079	xs *es2 = encode_html(snac.uid);	2079	xs *es2 = encode_html_strict(snac.uid);
2080	xs *es3 = encode_html(xs_dict_get(srv_config, "host"));	2080	xs *es3 = encode_html_strict(xs_dict_get(srv_config, "host"));
2081	xs *es4 = encode_html(bio);	2081	xs *es4 = encode_html_strict(bio);
2082	rss = xs_fmt(	2082	rss = xs_fmt(
2083	"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"	2083	"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
2084	"<rss version=\"0.91\">\n"	2084	"<rss version=\"0.91\">\n"
@@ -2106,7 +2106,7 @@ int html_get_handler(const xs_dict req, const char q_path,
2106	if (!xs_startswith(id, snac.actor))	2106	if (!xs_startswith(id, snac.actor))
2107	continue;	2107	continue;
2108		2108
2109	xs *content = sanitize(xs_dict_get(msg, "content"));	2109	xs *content = encode_html_strict(xs_dict_get(msg, "content"));
2110		2110
2111	// We SHOULD only use sanitized one for description.	2111	// We SHOULD only use sanitized one for description.
2112	// So, only encode for feed title, while the description just keep it sanitized as is.	2112	// So, only encode for feed title, while the description just keep it sanitized as is.
@@ -2115,7 +2115,7 @@ int html_get_handler(const xs_dict req, const char q_path,
2115	xs *title = xs_str_new(NULL);	2115	xs *title = xs_str_new(NULL);
2116	int i;	2116	int i;
2117		2117
2118	for (i = 0; es_title[i] && es_title[i] != '\n' && i < 50; i++)	2118	for (i = 0; es_title[i] && es_title[i] != '\n' && es_title[i] != '&' && i < 50; i++)
2119	title = xs_append_m(title, &es_title[i], 1);	2119	title = xs_append_m(title, &es_title[i], 1);
2120		2120
2121	xs *s = xs_fmt(	2121	xs *s = xs_fmt(