utils: add uh_htmlescape() helper

The uh_htmlescape() function returns a copy of the given string with the
HTML special characters `<`, `>`, `"` and `'` replaced by HTML entities in
hexadecimal notation.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/utils.c b/utils.c
index 9342eb668022df21d62d968c6bd67a48c0dd0921..1c61c41fa2ceb9e36845570787787c9c1376e32e 100644 (file)
--- a/utils.c
+++ b/utils.c
@@ -249,3 +249,45 @@ bool uh_addr_rfc1918(struct uh_addr *addr)
 
        return 0;
 }
+
+
+static bool is_html_special_char(char c)
+{
+       switch (c)
+       {
+       case 0x22:
+       case 0x26:
+       case 0x27:
+       case 0x3C:
+       case 0x3E:
+               return true;
+
+       default:
+               return false;
+       }
+}
+
+char *uh_htmlescape(const char *str)
+{
+       size_t len;
+       char *p, *copy;
+
+       for (p = str, len = 1; *p; p++)
+               if (is_html_special_char(*p))
+                       len += 6; /* &#x??; */
+               else
+                       len++;
+
+       copy = calloc(1, len);
+
+       if (!copy)
+               return NULL;
+
+       for (p = copy; *str; str++)
+               if (is_html_special_char(*str))
+                       p += sprintf(p, "&#x%02x;", (unsigned int)*str);
+               else
+                       *p++ = *str;
+
+       return copy;
+}

diff --git a/utils.h b/utils.h
index c583f453798fb46915dfcefd2d6573c59b74bc3d..093deff3e563ce989278f18c0a6a9b956777cc80 100644 (file)
--- a/utils.h
+++ b/utils.h
@@ -73,5 +73,6 @@ int uh_b64decode(char *buf, int blen, const void *src, int slen);
 bool uh_path_match(const char *prefix, const char *url);
 char *uh_split_header(char *str);
 bool uh_addr_rfc1918(struct uh_addr *addr);
+char *uh_htmlescape(const char *src);
 
 #endif