diff options
Diffstat (limited to 'format.c')
| -rw-r--r-- | format.c | 16 |
1 files changed, 2 insertions, 14 deletions
| @@ -4,6 +4,7 @@ | |||
| 4 | #include "xs.h" | 4 | #include "xs.h" |
| 5 | #include "xs_regex.h" | 5 | #include "xs_regex.h" |
| 6 | #include "xs_mime.h" | 6 | #include "xs_mime.h" |
| 7 | #include "xs_html.h" | ||
| 7 | 8 | ||
| 8 | #include "snac.h" | 9 | #include "snac.h" |
| 9 | 10 | ||
| @@ -260,23 +261,10 @@ xs_str *sanitize(const char *content) | |||
| 260 | } | 261 | } |
| 261 | 262 | ||
| 262 | 263 | ||
| 263 | xs_str *encode_html_strict(const char *str) | ||
| 264 | /* escapes html characters */ | ||
| 265 | { | ||
| 266 | xs_str *encoded = xs_replace(str, "&", "&"); | ||
| 267 | encoded = xs_replace_i(encoded, "<", "<"); | ||
| 268 | encoded = xs_replace_i(encoded, ">", ">"); | ||
| 269 | encoded = xs_replace_i(encoded, "\"", """); | ||
| 270 | encoded = xs_replace_i(encoded, "'", "'"); | ||
| 271 | |||
| 272 | return encoded; | ||
| 273 | } | ||
| 274 | |||
| 275 | |||
| 276 | xs_str *encode_html(const char *str) | 264 | xs_str *encode_html(const char *str) |
| 277 | /* escapes html characters */ | 265 | /* escapes html characters */ |
| 278 | { | 266 | { |
| 279 | xs_str *encoded = encode_html_strict(str); | 267 | xs_str *encoded = xs_html_encode((char *)str); |
| 280 | 268 | ||
| 281 | /* Restore only <br>. Probably safe. Let's hope nothing goes wrong with this. */ | 269 | /* Restore only <br>. Probably safe. Let's hope nothing goes wrong with this. */ |
| 282 | encoded = xs_replace_i(encoded, "<br>", "<br>"); | 270 | encoded = xs_replace_i(encoded, "<br>", "<br>"); |