]> git.cameronkatri.com Git - cgit.git/blob - html.c
auth-filters: do not crash on nil username
[cgit.git] / html.c
1 /* html.c: helper functions for html output
2 *
3 * Copyright (C) 2006-2014 cgit Development Team <cgit@lists.zx2c4.com>
4 *
5 * Licensed under GNU General Public License v2
6 * (see COPYING for full license text)
7 */
8
9 #include "cgit.h"
10 #include "html.h"
11 #include "url.h"
12
13 /* Percent-encoding of each character, except: a-zA-Z0-9!$()*,./:;@- */
14 static const char* url_escape_table[256] = {
15 "%00", "%01", "%02", "%03", "%04", "%05", "%06", "%07",
16 "%08", "%09", "%0a", "%0b", "%0c", "%0d", "%0e", "%0f",
17 "%10", "%11", "%12", "%13", "%14", "%15", "%16", "%17",
18 "%18", "%19", "%1a", "%1b", "%1c", "%1d", "%1e", "%1f",
19 "%20", NULL, "%22", "%23", NULL, "%25", "%26", "%27",
20 NULL, NULL, NULL, "%2b", NULL, NULL, NULL, NULL,
21 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
22 NULL, NULL, NULL, NULL, "%3c", "%3d", "%3e", "%3f",
23 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
24 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
25 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
26 NULL, NULL, NULL, NULL, "%5c", NULL, "%5e", NULL,
27 "%60", NULL, NULL, NULL, NULL, NULL, NULL, NULL,
28 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
29 NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
30 NULL, NULL, NULL, "%7b", "%7c", "%7d", NULL, "%7f",
31 "%80", "%81", "%82", "%83", "%84", "%85", "%86", "%87",
32 "%88", "%89", "%8a", "%8b", "%8c", "%8d", "%8e", "%8f",
33 "%90", "%91", "%92", "%93", "%94", "%95", "%96", "%97",
34 "%98", "%99", "%9a", "%9b", "%9c", "%9d", "%9e", "%9f",
35 "%a0", "%a1", "%a2", "%a3", "%a4", "%a5", "%a6", "%a7",
36 "%a8", "%a9", "%aa", "%ab", "%ac", "%ad", "%ae", "%af",
37 "%b0", "%b1", "%b2", "%b3", "%b4", "%b5", "%b6", "%b7",
38 "%b8", "%b9", "%ba", "%bb", "%bc", "%bd", "%be", "%bf",
39 "%c0", "%c1", "%c2", "%c3", "%c4", "%c5", "%c6", "%c7",
40 "%c8", "%c9", "%ca", "%cb", "%cc", "%cd", "%ce", "%cf",
41 "%d0", "%d1", "%d2", "%d3", "%d4", "%d5", "%d6", "%d7",
42 "%d8", "%d9", "%da", "%db", "%dc", "%dd", "%de", "%df",
43 "%e0", "%e1", "%e2", "%e3", "%e4", "%e5", "%e6", "%e7",
44 "%e8", "%e9", "%ea", "%eb", "%ec", "%ed", "%ee", "%ef",
45 "%f0", "%f1", "%f2", "%f3", "%f4", "%f5", "%f6", "%f7",
46 "%f8", "%f9", "%fa", "%fb", "%fc", "%fd", "%fe", "%ff"
47 };
48
49 char *fmt(const char *format, ...)
50 {
51 static char buf[8][1024];
52 static int bufidx;
53 int len;
54 va_list args;
55
56 bufidx++;
57 bufidx &= 7;
58
59 va_start(args, format);
60 len = vsnprintf(buf[bufidx], sizeof(buf[bufidx]), format, args);
61 va_end(args);
62 if (len > sizeof(buf[bufidx])) {
63 fprintf(stderr, "[html.c] string truncated: %s\n", format);
64 exit(1);
65 }
66 return buf[bufidx];
67 }
68
69 char *fmtalloc(const char *format, ...)
70 {
71 struct strbuf sb = STRBUF_INIT;
72 va_list args;
73
74 va_start(args, format);
75 strbuf_vaddf(&sb, format, args);
76 va_end(args);
77
78 return strbuf_detach(&sb, NULL);
79 }
80
81 void html_raw(const char *data, size_t size)
82 {
83 if (write(STDOUT_FILENO, data, size) != size)
84 die_errno("write error on html output");
85 }
86
87 void html(const char *txt)
88 {
89 html_raw(txt, strlen(txt));
90 }
91
92 void htmlf(const char *format, ...)
93 {
94 va_list args;
95 struct strbuf buf = STRBUF_INIT;
96
97 va_start(args, format);
98 strbuf_vaddf(&buf, format, args);
99 va_end(args);
100 html(buf.buf);
101 strbuf_release(&buf);
102 }
103
104 void html_txtf(const char *format, ...)
105 {
106 va_list args;
107
108 va_start(args, format);
109 html_vtxtf(format, args);
110 va_end(args);
111 }
112
113 void html_vtxtf(const char *format, va_list ap)
114 {
115 va_list cp;
116 struct strbuf buf = STRBUF_INIT;
117
118 va_copy(cp, ap);
119 strbuf_vaddf(&buf, format, cp);
120 va_end(cp);
121 html_txt(buf.buf);
122 strbuf_release(&buf);
123 }
124
125 void html_txt(const char *txt)
126 {
127 if (txt)
128 html_ntxt(txt, strlen(txt));
129 }
130
131 ssize_t html_ntxt(const char *txt, size_t len)
132 {
133 const char *t = txt;
134 ssize_t slen;
135
136 if (len > SSIZE_MAX)
137 return -1;
138
139 slen = (ssize_t) len;
140 while (t && *t && slen--) {
141 int c = *t;
142 if (c == '<' || c == '>' || c == '&') {
143 html_raw(txt, t - txt);
144 if (c == '>')
145 html("&gt;");
146 else if (c == '<')
147 html("&lt;");
148 else if (c == '&')
149 html("&amp;");
150 txt = t + 1;
151 }
152 t++;
153 }
154 if (t != txt)
155 html_raw(txt, t - txt);
156 return slen;
157 }
158
159 void html_attrf(const char *fmt, ...)
160 {
161 va_list ap;
162 struct strbuf sb = STRBUF_INIT;
163
164 va_start(ap, fmt);
165 strbuf_vaddf(&sb, fmt, ap);
166 va_end(ap);
167
168 html_attr(sb.buf);
169 strbuf_release(&sb);
170 }
171
172 void html_attr(const char *txt)
173 {
174 const char *t = txt;
175 while (t && *t) {
176 int c = *t;
177 if (c == '<' || c == '>' || c == '\'' || c == '\"' || c == '&') {
178 html_raw(txt, t - txt);
179 if (c == '>')
180 html("&gt;");
181 else if (c == '<')
182 html("&lt;");
183 else if (c == '\'')
184 html("&#x27;");
185 else if (c == '"')
186 html("&quot;");
187 else if (c == '&')
188 html("&amp;");
189 txt = t + 1;
190 }
191 t++;
192 }
193 if (t != txt)
194 html(txt);
195 }
196
197 void html_url_path(const char *txt)
198 {
199 const char *t = txt;
200 while (t && *t) {
201 unsigned char c = *t;
202 const char *e = url_escape_table[c];
203 if (e && c != '+' && c != '&') {
204 html_raw(txt, t - txt);
205 html(e);
206 txt = t + 1;
207 }
208 t++;
209 }
210 if (t != txt)
211 html(txt);
212 }
213
214 void html_url_arg(const char *txt)
215 {
216 const char *t = txt;
217 while (t && *t) {
218 unsigned char c = *t;
219 const char *e = url_escape_table[c];
220 if (c == ' ')
221 e = "+";
222 if (e) {
223 html_raw(txt, t - txt);
224 html(e);
225 txt = t + 1;
226 }
227 t++;
228 }
229 if (t != txt)
230 html(txt);
231 }
232
233 void html_header_arg_in_quotes(const char *txt)
234 {
235 const char *t = txt;
236 while (t && *t) {
237 unsigned char c = *t;
238 const char *e = NULL;
239 if (c == '\\')
240 e = "\\\\";
241 else if (c == '\r')
242 e = "\\r";
243 else if (c == '\n')
244 e = "\\n";
245 else if (c == '"')
246 e = "\\\"";
247 if (e) {
248 html_raw(txt, t - txt);
249 html(e);
250 txt = t + 1;
251 }
252 t++;
253 }
254 if (t != txt)
255 html(txt);
256
257 }
258
259 void html_hidden(const char *name, const char *value)
260 {
261 html("<input type='hidden' name='");
262 html_attr(name);
263 html("' value='");
264 html_attr(value);
265 html("'/>");
266 }
267
268 void html_option(const char *value, const char *text, const char *selected_value)
269 {
270 html("<option value='");
271 html_attr(value);
272 html("'");
273 if (selected_value && !strcmp(selected_value, value))
274 html(" selected='selected'");
275 html(">");
276 html_txt(text);
277 html("</option>\n");
278 }
279
280 void html_intoption(int value, const char *text, int selected_value)
281 {
282 htmlf("<option value='%d'%s>", value,
283 value == selected_value ? " selected='selected'" : "");
284 html_txt(text);
285 html("</option>");
286 }
287
288 void html_link_open(const char *url, const char *title, const char *class)
289 {
290 html("<a href='");
291 html_attr(url);
292 if (title) {
293 html("' title='");
294 html_attr(title);
295 }
296 if (class) {
297 html("' class='");
298 html_attr(class);
299 }
300 html("'>");
301 }
302
303 void html_link_close(void)
304 {
305 html("</a>");
306 }
307
308 void html_fileperm(unsigned short mode)
309 {
310 htmlf("%c%c%c", (mode & 4 ? 'r' : '-'),
311 (mode & 2 ? 'w' : '-'), (mode & 1 ? 'x' : '-'));
312 }
313
314 int html_include(const char *filename)
315 {
316 FILE *f;
317 char buf[4096];
318 size_t len;
319
320 if (!(f = fopen(filename, "r"))) {
321 fprintf(stderr, "[cgit] Failed to include file %s: %s (%d).\n",
322 filename, strerror(errno), errno);
323 return -1;
324 }
325 while ((len = fread(buf, 1, 4096, f)) > 0)
326 html_raw(buf, len);
327 fclose(f);
328 return 0;
329 }
330
331 void http_parse_querystring(const char *txt, void (*fn)(const char *name, const char *value))
332 {
333 const char *t = txt;
334
335 while (t && *t) {
336 char *name = url_decode_parameter_name(&t);
337 if (*name) {
338 char *value = url_decode_parameter_value(&t);
339 fn(name, value);
340 free(value);
341 }
342 free(name);
343 }
344 }