From ceb2fcaa6f0c730bb1f6f843320f7aefd929a1df Mon Sep 17 00:00:00 2001
From: Ingo Schwarze <schwarze@openbsd.org>
Date: Mon, 28 May 2018 14:13:36 +0000
Subject: URL-fragment strings can only contain certain characters. Fixing HTML
 syntax violations e.g. in pf.conf(5) and ifconfig(8) reported by Anton
 Lazarov <lists at wrant dot com>.

---
 html.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/html.c b/html.c
index 9ad83e8e..709c43fa 100644
--- a/html.c
+++ b/html.c
@@ -1,4 +1,4 @@
-/*	$Id: html.c,v 1.229 2018/05/25 20:23:51 schwarze Exp $ */
+/*	$Id: html.c,v 1.230 2018/05/28 14:13:36 schwarze Exp $ */
 /*
  * Copyright (c) 2008-2011, 2014 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2011-2015, 2017, 2018 Ingo Schwarze <schwarze@openbsd.org>
@@ -287,10 +287,16 @@ html_make_id(const struct roff_node *n, int unique)
 	if (buf == NULL)
 		return NULL;
 
-	/* http://www.w3.org/TR/html5/dom.html#the-id-attribute */
+	/*
+	 * In ID attributes, only use ASCII characters that are
+	 * permitted in URL-fragment strings according to the
+	 * explicit list at:
+	 * https://url.spec.whatwg.org/#url-fragment-string
+	 */
 
 	for (cp = buf; *cp != '\0'; cp++)
-		if (*cp == ' ')
+		if (isalnum((unsigned char)*cp) == 0 &&
+		    strchr("!$&'()*+,-./:;=?@_~", *cp) == NULL)
 			*cp = '_';
 
 	if (unique == 0)
-- 
cgit v1.2.3-56-ge451